User Role Editor - Version 4.50

Version Description


Release Info

Developer shinephp
Version 4.50

Code changes from version 4.49 to 4.50

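--- a/changelog.txt
+++ b/changelog.txt
@@ -1,5 +1,11 @@
  CHANGES LOG (full version).
  ===========================
+ = [4.50] 20.02.2019 =
+ * Update: General code restructure and optimization.
+ * Update: URE_Base_Lib::get_blog_ids() returns null, if it's called under WordPress single site (not multisite).
+ * Update: URE_Editor::prepare_capabilities_to_save() : "Invalid argument supplied for foreach()" warning was excluded in case there was no valid data structures initialization.
+ * Update: 'administrator' role protection was enhanced. URE always does not allow to revoke capability from 'administrator' role. That was possible earlier after the 'administrator' role update.
+
  = [4.49] 15.01.2019 =
  * Update: Selected role ID was added to "Delete role" confirmation dialog.
  * Update: Method URE_Base_Lib::get_short_list_str() was enhanced.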
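--- a/includes/classes/advertisement.php
+++ b/includes/classes/advertisement.php
@@ -9,60 +9,93 @@
  */
 
  class URE_Advertisement {
-
- private $slots = array(0=>'');
+
+ private $slots_quantity = 1;
+ private $slots = array();
 
- function __construct() {
-
- $used = array(-1);
-
- $index = $this->rand_unique( $used );
- $this->slots[$index] = $this->admin_menu_editor();
- $used[] = $index;
-
- }
- // end of __construct
-
-
- /**
- * Returns random number not included into input array
- *
- * @param array $used - array of numbers used already
- *
- * @return int
- */
- private function rand_unique( $used = array(-1) ) {
- $index = rand(0, 2);
- while (in_array($index, $used)) {
- $index = rand(0, 2);
- }
-
- return $index;
- }
- // return rand_unique()
-
-
- // content of Admin Menu Editor advertisement slot
- private function admin_menu_editor() {
-
- $output = '
+
+ function __construct() {
+
+ $this->init();
+
+ }
+ // end of __construct
+
+ /**
+ * Returns random number not included into input array
+ *
+ * @param array $used - array of numbers used already
+ *
+ * @return int
+ */
+ private function rand_unique( $used = array(-1), $max_ind ) {
+ if ( $max_ind<0 ) {
+ $max_ind = 0;
+ }
+ $index = rand( 0, $max_ind );
+ $iterations = 0;
+ while ( in_array( $index, $used ) && $iterations<=$max_ind * 3 ) {
+ $index = rand( 0, $max_ind );
+ $iterations++;
+ }
+
+ return $index;
+ }
+ // return rand_unique()
+
+
+ private function init() {
+
+ $this->slots = array();
+ $used = array(-1);
+ $max_ind = $this->slots_quantity - 1;
+ $index = $this->rand_unique( $used, $max_ind );
+ $this->slots[$index] = $this->admin_menu_editor();
+ /*
+ $used[] = $index;
+ $index = $this->rand_unique( $used, $max_ind );
+ $this->slots[$index] = $this->some_other_slot();
+ ksort( $this->slots );
+ *
+ */
+ }
+ // end of init()
+
+ /*
+ private function some_other_slot() {
+ $output = '
+ <div style="text-align: center;">
+ bla-bla-bla;
+ </div>';
+ return $output;
+ }
+ */
+
+ // content of Admin Menu Editor advertisement slot
+ private function admin_menu_editor() {
+
+ $output = '
  <div style="text-align: center;">
  <a href="https://adminmenueditor.com/?utm_source=UserRoleEditor&utm_medium=banner&utm_campaign=Plugins" target="_new" >
- <img src="'. URE_PLUGIN_URL . 'images/admin-menu-editor-pro.jpg' .'" alt="Admin Menu Editor Pro"
+ <img src="' . URE_PLUGIN_URL . 'images/admin-menu-editor-pro.jpg' . '" alt="Admin Menu Editor Pro"
  title="Move, rename, hide, add admin menu items, restrict access" width="250" height="250" />
  </a>
  </div>
  ';
-
- return $output;
- }
- // end of admin_menu_editor()
-
-
- /**
+
+ return $output;
+ }
+ // end of admin_menu_editor()
+
+
+ /**
  * Output all existed ads slots
  */
  public function display() {
+
+ if ( empty( $this->slots ) ) {
+ return;
+ }
  ?>
  <div id="ure-sidebar" class="ure_table_cell" >
  <?php
@@ -73,7 +106,8 @@ class URE_Advertisement {
  </div>
  <?php
  }
-
- // end of display()
- }
- // end of ure_Advertisement
+ // end of display()
+
+
+ }
+ // end of URE_Advertisement class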
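Review bot: `rand_unique( $used = array(-1), $max_ind )` declares a required parameter after an optional one, which PHP 8.0 and later report as deprecated and which makes the default unusable; the only active call, in `init()`, passes both arguments, so `private function rand_unique( $used, $max_ind )` is enough. The new retry cap `$iterations<=$max_ind * 3` also lets the loop exit while `$index` is still in `$used`, so the docblock's "not included into input array" no longer always holds, and enabling the commented-out second slot in `init()` could overwrite an existing slot. The docblock should gain `@param int $max_ind - highest index that may be returned` and say that uniqueness is best-effort once the retries run out.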
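--- a/includes/classes/ajax-processor.php
+++ b/includes/classes/ajax-processor.php
@@ -16,27 +16,28 @@
  class URE_Ajax_Processor {
 
  protected $lib = null;
- protected $action = null;
-
+ protected $action = null;
+ protected $debug = null;
 
- public function __construct($lib) {
+
+ public function __construct( ) {
 
- $this->lib = $lib;
+ $this->lib = URE_Lib::get_instance();
+ $this->debug = ( defined('WP_PHP_UNIT_TEST') && WP_PHP_UNIT_TEST==true );
 
  }
  // end of __construct()
 
 
  protected function get_action() {
- $action = filter_input(INPUT_POST, 'sub_action', FILTER_SANITIZE_STRING);
+ $action = $this->lib->get_request_var( 'sub_action', 'post' );
  if (empty($action)) {
- $action = filter_input(INPUT_GET, 'sub_action', FILTER_SANITIZE_STRING);
+ $action = $this->lib->get_request_var( 'sub_action', 'get' );
  }
-
- $this->action = $action;
-
+
  return $action;
  }
+ // end of get_action()
 
 
  protected function get_required_cap() {
@@ -52,22 +53,31 @@ class URE_Ajax_Processor {
  // end of get_required_cap()
 
 
- protected function ajax_check_permissions() {
+ protected function valid_nonce() {
 
- if (!wp_verify_nonce($_REQUEST['wp_nonce'], 'user-role-editor')) {
+ if ( !isset($_REQUEST['wp_nonce']) || !wp_verify_nonce( $_REQUEST['wp_nonce'], 'user-role-editor' ) ) {
  echo json_encode(array('result'=>'error', 'message'=>'URE: Wrong or expired request'));
- die;
+ return false;
+ } else {
+ return true;
  }
 
+ }
+ // end of check_nonce()
+
+
+ protected function user_can() {
+
  $capability = $this->get_required_cap();
- if (!current_user_can($capability)) {
- echo json_encode(array('result'=>'error', 'message'=>'URE: Insufficient permissions'));
- die;
+ if ( !current_user_can( $capability ) ) {
+ echo json_encode( array('result'=>'error', 'message'=>'URE: Insufficient permissions') );
+ return false;
+ } else {
+ return true;
  }
-
  }
- // end of ajax_check_permissions()
-
+ // end of check_user_cap()
+
 
  protected function get_caps_to_remove() {
 
@@ -80,9 +90,8 @@ class URE_Ajax_Processor {
 
 
  protected function get_users_without_role() {
- global $wp_roles;
 
- $new_role = filter_input(INPUT_POST, 'new_role', FILTER_SANITIZE_STRING);
+ $new_role = $this->lib->get_request_var( 'new_role', 'post' );
  if (empty($new_role)) {
  $answer = array('result'=>'error', 'message'=>'Provide new role');
  return $answer;
@@ -93,17 +102,14 @@ class URE_Ajax_Processor {
  $assign_role->create_no_rights_role();
  }
 
- if (!isset($wp_roles)) {
- $wp_roles = new WP_Roles();
- }
+ $wp_roles = wp_roles();
  if (!isset($wp_roles->roles[$new_role])) {
  $answer = array('result'=>'error', 'message'=>'Selected new role does not exist');
  return $answer;
  }
 
- $users = $assign_role->get_users_without_role($new_role);
-
- $answer = array('result'=>'success', 'users'=>$users, 'new_role'=>$new_role, 'message'=>'success');
+ $users = $assign_role->get_users_without_role();
+ $answer = array( 'result'=>'success', 'users'=>$users, 'new_role'=>$new_role, 'message'=>'success' );
 
  return $answer;
  }
@@ -131,7 +137,8 @@ class URE_Ajax_Processor {
 
 
  protected function get_role_caps() {
- $role = filter_input(INPUT_POST, 'role', FILTER_SANITIZE_STRING);
+
+ $role = $this->lib->get_request_var('role', 'post' );
  if (empty($role)) {
  $answer = array('result'=>'error', 'message'=>'Provide role ID');
  return $answer;
@@ -165,6 +172,7 @@ class URE_Ajax_Processor {
 
 
  protected function _dispatch() {
+
  switch ($this->action) {
  case 'get_caps_to_remove':
  $answer = $this->get_caps_to_remove();
@@ -182,7 +190,7 @@ class URE_Ajax_Processor {
  $answer = $this->get_role_caps();
  break;
  default:
- $answer = array('result' => 'error', 'message' => 'unknown action "' . $this->action . '"');
+ $answer = array('result' => 'error', 'message' => 'Unknown action "' . $this->action . '"');
  }
 
  return $answer;
@@ -195,14 +203,19 @@ class URE_Ajax_Processor {
  */
  public function dispatch() {
 
- $this->get_action();
- $this->ajax_check_permissions();
+ $this->action = $this->get_action();
+ if ( !$this->valid_nonce() || !$this->user_can() ) {
+ die;
+ }
+
  $answer = $this->_dispatch();
 
  $json_answer = json_encode($answer);
  echo $json_answer;
  die;
- }
+
+ }
+ // end of dispatch()
 
  }
  // end of URE_Ajax_Processor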
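Review bot: The `default:` branch of `_dispatch()` puts the request's `sub_action` back into the response via `'Unknown action "' . $this->action . '"'`, and this commit swaps the `FILTER_SANITIZE_STRING` read for `$this->lib->get_request_var()`, whose sanitization is not visible in this section. `dispatch()` prints the answer with `echo json_encode(...)` and `die`, no JSON content type is set in the lines shown, and `json_encode()` does not escape `<` or `>` by default; a fixed message such as `'Unknown action'`, or sending every answer through `wp_send_json( $answer )`, would keep the request value from being rendered as markup. The nonce and capability checks do run before this branch, which limits the exposure. Separately, the trailing comments `// end of check_nonce()` and `// end of check_user_cap()` do not match the new method names `valid_nonce()` and `user_can()`.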
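--- a/includes/classes/assign-role.php
+++ b/includes/classes/assign-role.php
@@ -102,7 +102,7 @@ class URE_Assign_Role {
  $query = "SELECT COUNT(DISTINCT usermeta.user_id) {$part2}";
  } else {
  $where = $this->get_thorougly_where_condition();
- $query = "SELECT count(ID) from {$wpdb->users} users {$where}";
+ $query = "SELECT count(ID) FROM {$wpdb->users} users {$where}";
  }
 
  return $query;
@@ -126,7 +126,7 @@ class URE_Assign_Role {
  // end of count_users_without_role()
 
 
- public function get_users_without_role($new_role='') {
+ public function get_users_without_role() {
  global $wpdb;
 
  $top_limit = self::MAX_USERS_TO_PROCESS;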
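--- a/includes/classes/base-lib.php
+++ b/includes/classes/base-lib.php
@@ -53,6 +53,7 @@ class URE_Base_Lib {
 
  if (!property_exists($this, $property_name)) {
  syslog(LOG_ERR, 'Lib class does not have such property '. $property_name);
+ return null;
  }
 
  return $this->$property_name;
@@ -74,31 +75,12 @@ class URE_Base_Lib {
  public function get_main_site() {
  global $current_site;
 
- return $current_site->blog_id;
+ $blog_id = is_object($current_site) ? $current_site->blog_id : null;
+
+ return $blog_id;
  }
  // end of get_main_site()
 
-
-
- /**
- * Returns the array of multi-site WP sites/blogs IDs for the current network
- * @global wpdb $wpdb
- * @return array
- */
- public function get_blog_ids() {
- global $wpdb;
-
- $network = get_current_site();
- $query = $wpdb->prepare(
- "SELECT blog_id FROM {$wpdb->blogs}
- WHERE site_id=%d ORDER BY blog_id ASC",
- array($network->id));
- $blog_ids = $wpdb->get_col($query);
-
- return $blog_ids;
- }
- // end of get_blog_ids()
-
 
  /**
  * get current options for this plugin
@@ -127,6 +109,7 @@ class URE_Base_Lib {
  }
  }
  // end of show_message()
+
 
  /**
  * Returns value by name from GET/POST/REQUEST. Minimal type checking is provided
@@ -328,6 +311,30 @@ class URE_Base_Lib {
  // end of esc_sql_in_list()
 
 
+ /**
+ * Returns the array of multi-site WP sites/blogs IDs for the current network
+ * @global wpdb $wpdb
+ * @return array
+ */
+ public function get_blog_ids() {
+ global $wpdb;
+
+ if (!$this->multisite) {
+ return null;
+ }
+
+ $network = get_current_site();
+ $query = $wpdb->prepare(
+ "SELECT blog_id FROM {$wpdb->blogs}
+ WHERE site_id=%d ORDER BY blog_id ASC",
+ array( $network->id ) );
+ $blog_ids = $wpdb->get_col( $query );
+
+ return $blog_ids;
+ }
+ // end of get_blog_ids()
+
+
  /**
  * Private clone method to prevent cloning of the instance of the
  * *Singleton* instance.
@@ -351,4 +358,4 @@ class URE_Base_Lib {
  // end of __wakeup()
 
  }
- // end of URE_Base_Lib class
+ // end of URE_Base_Lib class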
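Review bot: `get_blog_ids()` now returns `null` on a single site while its docblock still says `@return array`, so any caller that hands the result straight to `foreach` or `count()` will raise the same kind of "Invalid argument supplied for foreach()" warning this release fixes elsewhere. Either change the docblock to `@return array|null` and make callers check for it, or return `array()` from the `if (!$this->multisite)` guard so the return type stays stable. The callers are outside this section, so which of the two is safer cannot be confirmed from here. `get_main_site()` has the same new `null` result and would benefit from a docblock line saying so.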
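--- a/includes/classes/capabilities-groups-manager.php
+++ b/includes/classes/capabilities-groups-manager.php
@@ -387,6 +387,30 @@ class URE_Capabilities_Groups_Manager {
  return $groups;
  }
  // end of get_cap_groups()
+
+
+ /**
+ * Private clone method to prevent cloning of the instance of the
+ * *Singleton* instance.
+ *
+ * @return void
+ */
+ private function __clone() {
+
+ }
+ // end of __clone()
+
+ /**
+ * Private unserialize method to prevent unserializing of the *Singleton*
+ * instance.
+ *
+ * @return void
+ */
+ private function __wakeup() {
+
+ }
+ // end of __wakeup()
+
 
  }
  // end of class URE_Capabilities_Groups_Manager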
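Review bot: The added `private function __wakeup()` draws a warning on PHP 8.0 and later, which require this magic method to be public, and an empty private `__wakeup()` does not by itself stop `unserialize()` from producing a second instance of the singleton. If the aim is to forbid unserializing, declare it public and fail loudly, for example `public function __wakeup() { throw new Exception( 'Cannot unserialize singleton' ); }`. The same pair of methods is added in includes/classes/capabilities.php, and the point applies there as well.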
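--- a/includes/classes/capabilities.php
+++ b/includes/classes/capabilities.php
@@ -0,0 +1,377 @@
+ <?php
+ /**
+ * Class to prepare full user capabilities list for URE editor
+ *
+ * @package User-Role-Editor
+ * @subpackage Admin
+ * @author Vladimir Garagulia <support@role-editor.com>
+ * @copyright Copyright (c) 2010 - 2019, Vladimir Garagulia
+ **/
+ class URE_Capabilities {
+
+ private static $instance = null;
+ private $lib = null;
+ private $built_in_wp_caps = null;
+
+
+ public static function get_instance() {
+
+ if (self::$instance === null) {
+ // new static() will work too
+ self::$instance = new URE_Capabilities();
+ }
+
+ return self::$instance;
+ }
+ // end of get_instance()
+
+
+ private function __construct() {
+
+ $this->lib = URE_Lib::get_instance();
+ $this->built_in_wp_caps = $this->lib->get_built_in_wp_caps();
+
+ }
+ // end of __construct()
+
+
+ protected function convert_cap_to_readable( $cap_name ) {
+
+ $cap_name = str_replace('_', ' ', $cap_name);
+ $cap_name = ucfirst($cap_name);
+
+ return $cap_name;
+ }
+ // convert_cap_to_readable
+
+
+ protected function add_capability_to_full_caps_list( $cap_id, &$full_list ) {
+ if ( isset( $full_list[$cap_id] ) ) { // if capability was not added yet
+ return;
+ }
+
+ $cap = array();
+ $cap['inner'] = $cap_id;
+ $cap['human'] = esc_html__( $this->convert_cap_to_readable( $cap_id) , 'user-role-editor' );
+ if ( isset( $this->built_in_wp_caps[$cap_id] ) ) {
+ $cap['wp_core'] = true;
+ } else {
+ $cap['wp_core'] = false;
+ }
+
+ $full_list[$cap_id] = $cap;
+ }
+ // end of add_capability_to_full_caps_list()
+
+
+ /**
+ * Add capabilities from user roles save at WordPress database
+ *
+ */
+ protected function add_roles_caps( &$full_list ) {
+
+ $roles = $this->lib->get_user_roles();
+ foreach ($roles as $role) {
+ // validate if capabilities is an array
+ if (!isset($role['capabilities']) || !is_array($role['capabilities'])) {
+ continue;
+ }
+ foreach (array_keys($role['capabilities']) as $cap) {
+ $this->add_capability_to_full_caps_list($cap, $full_list );
+ }
+ }
+
+ }
+ // end of add_roles_caps()
+
+
+ /**
+ * Add Gravity Forms plugin capabilities, if available
+ *
+ */
+ protected function add_gravity_forms_caps( &$full_list ) {
+
+ if ( !class_exists( 'GFCommon' ) ) {
+ return;
+ }
+
+ $gf_caps = GFCommon::all_caps();
+ foreach ( $gf_caps as $gf_cap ) {
+ $this->add_capability_to_full_caps_list( $gf_cap, $full_list );
+ }
+
+ }
+ // end of add_gravity_forms_caps()
+
+
+ /**
+ * Add bbPress plugin user capabilities (if available)
+ */
+ protected function add_bbpress_caps( &$full_list ) {
+
+ $bbpress = $this->lib->get_bbpress();
+ if (!$bbpress->is_active()) {
+ return;
+ }
+
+ $caps = $bbpress->get_caps();
+ foreach ( $caps as $cap ) {
+ $this->add_capability_to_full_caps_list( $cap, $full_list );
+ }
+ }
+ // end of add_bbpress_caps()
+
+
+ /**
+ * Provide compatibility with plugins and themes which define their custom user capabilities using
+ * 'members_get_capabilities' filter from Justin Tadlock Members plugin
+ * https://wordpress.org/plugins/members/
+ *
+ */
+ protected function add_members_caps( &$full_list ) {
+
+ $custom_caps = array();
+ $custom_caps = apply_filters( 'members_get_capabilities', $custom_caps );
+ foreach ( $custom_caps as $cap ) {
+ $this->add_capability_to_full_caps_list( $cap, $full_list );
+ }
+
+ }
+ // end of add_members_caps()
+
+
+ /**
+ * Add capabilities assigned directly to user, and not included into any role
+ *
+ */
+ protected function add_user_caps( &$full_list ) {
+
+ $editor = URE_Editor::get_instance();
+ $user = $editor->get('user_to_edit');
+ $roles = $editor->get('roles');
+ foreach(array_keys($user->caps) as $cap) {
+ if (!isset($roles[$cap])) { // it is the user capability, not role
+ $this->add_capability_to_full_caps_list( $cap, $full_list );
+ }
+ }
+
+ }
+ // end of add_user_caps()
+
+
+ /**
+ * Add built-in WordPress caps in case some were not included to the roles for some reason
+ *
+ */
+ protected function add_wordpress_caps( &$full_list ) {
+
+ foreach ( array_keys( $this->built_in_wp_caps ) as $cap ) {
+ $this->add_capability_to_full_caps_list( $cap, $full_list );
+ }
+
+ }
+ // end of add_wordpress_caps()
+
+
+ protected function add_create_cap_to_admin( $post_type_name ) {
+ global $wp_roles;
+
+ $post_type = get_post_type_object( $post_type_name );
+ if ( $post_type->cap->create_posts!=='edit_'. $post_type->name .'s' ) { // 'create' capability is active
+ if ( !isset( $wp_roles->role_objects['administrator']->capabilities[$post_type->cap->create_posts] ) ) {
+ $wp_roles->role_objects['administrator']->add_cap( $post_type->cap->create_posts, true );
+ }
+ }
+
+ }
+ // end of add_create_caps_to_admin()
+
+
+ protected function add_custom_post_type_caps( &$full_list ) {
+ global $wp_roles;
+
+ $multisite = $this->lib->get( 'multisite' );
+ $capabilities = $this->lib->get_edit_post_capabilities();
+ $post_types = get_post_types( array(), 'objects' );
+ $_post_types = $this->lib->_get_post_types();
+ // do not forget attachment post type as it may use the own capabilities set
+ $attachment_post_type = get_post_type_object( 'attachment' );
+ if ( $attachment_post_type->cap->edit_posts!=='edit_posts' ) {
+ $post_types['attachment'] = $attachment_post_type;
+ }
+
+ foreach( $post_types as $post_type ) {
+ if ( !isset( $_post_types[$post_type->name] ) ) {
+ continue;
+ }
+ if ( !isset($post_type->cap) ) {
+ continue;
+ }
+ foreach( $capabilities as $capability ) {
+ if ( !isset( $post_type->cap->$capability ) ) {
+ continue;
+ }
+ $cap_to_check = $post_type->cap->$capability;
+ $this->add_capability_to_full_caps_list( $cap_to_check, $full_list );
+ if ( !$multisite &&
+ isset($wp_roles->role_objects['administrator']) &&
+ !isset($wp_roles->role_objects['administrator']->capabilities[$cap_to_check])) {
+ // admin should be capable to edit any posts
+ $wp_roles->role_objects['administrator']->add_cap($cap_to_check, true);
+ }
+ }
+ }
+
+ if ( !$multisite && isset( $wp_roles->role_objects['administrator'] ) ) {
+ // admin should be capable to create posts and pages
+ foreach( array( 'post', 'page' ) as $post_type_name ) {
+ $this->add_create_cap_to_admin( $post_type_name );
+ }
+ }
+
+ }
+ // end of add_custom_post_type_caps()
+
+
+ /**
+ * Add capabilities for URE permissions system in case some were excluded from Administrator role
+ *
+ */
+ protected function add_ure_caps( &$full_list ) {
+
+ $key_cap = URE_Own_Capabilities::get_key_capability();
+ if ( !current_user_can( $key_cap ) ) {
+ return;
+ }
+ $ure_caps = URE_Own_Capabilities::get_caps();
+ foreach(array_keys($ure_caps) as $cap) {
+ $this->add_capability_to_full_caps_list( $cap, $full_list );
+ }
+
+ }
+ // end of add_ure_caps()
+
+
+ public function init_full_list( $ure_object ) {
+
+ $full_list = array();
+ $this->add_roles_caps( $full_list );
+ $this->add_gravity_forms_caps( $full_list );
+ $this->add_bbpress_caps( $full_list );
+ $this->add_members_caps( $full_list );
+ if ($ure_object=='user') {
+ $this->add_user_caps( $full_list );
+ }
+ $this->add_wordpress_caps( $full_list );
+ $this->add_custom_post_type_caps( $full_list );
+ $this->add_ure_caps( $full_list );
+ asort( $full_list );
+ $full_list = apply_filters('ure_full_capabilites', $full_list);
+
+ return $full_list;
+ }
+ // end of init_full_list();
+
+
+ /**
+ * Build full capabilities list from all roles
+ */
+ private function get_full_caps_list_from_roles() {
+ $wp_roles = wp_roles();
+ // build full capabilities list from all roles
+ $full_caps_list = array();
+ foreach ($wp_roles->roles as $role) {
+ // validate if capabilities is an array
+ if (isset($role['capabilities']) && is_array($role['capabilities'])) {
+ foreach ($role['capabilities'] as $capability => $value) {
+ if (!isset($full_caps_list[$capability])) {
+ $full_caps_list[$capability] = 1;
+ }
+ }
+ }
+ }
+
+ return $full_caps_list;
+ }
+ // end of get_full_caps_list_from_roles()
+
+
+ /**
+ * Returns array of WPBakery Visual Composer plugin capabilities
+ * extracted by 'vc_access_rules_' prefix
+ */
+ protected function get_visual_composer_caps($full_caps_list) {
+ $caps = array();
+ foreach(array_keys($full_caps_list) as $cap) {
+ if (strpos($cap, 'vc_access_rules_')!==false) {
+ $caps[$cap] = 1;
+ }
+ }
+
+ return $caps;
+ }
+ // end of get_visual_composer_caps()
+
+
+ /**
+ * return the array of unused user capabilities
+ *
+ * @global WP_Roles $wp_roles
+ * @return array
+ */
+ public function get_caps_to_remove() {
+
+ $wp_roles = wp_roles();
+ $full_caps_list = $this->get_full_caps_list_from_roles();
+ $caps_to_exclude = $this->built_in_wp_caps;
+ $ure_caps = URE_Own_Capabilities::get_caps();
+ $visual_composer_caps = $this->get_visual_composer_caps($full_caps_list);
+ $caps_to_exclude = array_merge($caps_to_exclude, $ure_caps, $visual_composer_caps);
+
+ $caps_to_remove = array();
+ $caps = array_keys( $full_caps_list );
+ foreach ( $caps as $cap ) {
+ if ( isset( $caps_to_exclude[$cap] ) ) { // do not touch built-in WP caps, URE own caps and Visual Composer caps
+ continue;
+ }
+
+ // check roles
+ $cap_in_use = false;
+ foreach ( $wp_roles->role_objects as $wp_role ) {
+ if ( $wp_role->name === 'administrator' ) {
+ continue;
+ }
+ if ( $wp_role->has_cap( $cap ) ) {
+ $cap_in_use = true;
+ break;
+ }
+ }
+ if ( !$cap_in_use ) {
+ $caps_to_remove[$cap] = 1;
+ }
+ } // foreach(...)
+
+ return $caps_to_remove;
+ }
+ // end of get_caps_to_remove()
+
+
+ /**
+ * Private clone method to prevent cloning of the instance of the
+ * *Singleton* instance.
+ *
+ * @return void
+ */
+ private function __clone() { }
+
+ /**
+ * Private unserialize method to prevent unserializing of the *Singleton*
+ * instance.
+ *
+ * @return void
+ */
+ private function __wakeup() { }
+
+
+ }
+ // end of URE_Capabilities class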
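Review bot: `add_custom_post_type_caps()` and `add_create_cap_to_admin()` call `add_cap( ..., true )` on the 'administrator' role, so `init_full_list()`, which reads as a list builder, also changes role data as a side effect, and unlike `add_ure_caps()` no `current_user_can()` check is visible before that write. Callers may already gate access, but `init_full_list()` deserves a docblock along the lines of `Builds the full capabilities list; when not multisite it also grants missing post-type capabilities to the 'administrator' role`, and ideally the grant would move out of the list-building path. Both methods also dereference the result of `get_post_type_object()` (`$post_type->cap`, `$attachment_post_type->cap`) without a null check. In `get_visual_composer_caps()` the docblock promises a prefix match, but `strpos(...)!==false` matches the string anywhere in the name; `strpos( $cap, 'vc_access_rules_' )===0` would do what the comment says. The inline comment `// if capability was not added yet` in `add_capability_to_full_caps_list()` sits on the branch that returns when the capability is already present, so it should read the other way round.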
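--- a/includes/classes/capability.php
+++ b/includes/classes/capability.php
@@ -72,7 +72,7 @@ class URE_Capability {
  * @global WP_Roles $wp_roles
  * @return string
  */
- public static function add() {
+ public static function add( $ure_object ) {
  global $wp_roles;
 
  if (!current_user_can('ure_create_capabilities')) {
@@ -92,8 +92,7 @@ class URE_Capability {
  $cap_id = $data['cap_id'];
  $lib = URE_Lib::get_instance();
  $lib->get_user_roles();
- $lib->init_full_capabilities();
- $full_capabilities = $lib->get('full_capabilities');
+ $full_capabilities = $lib->init_full_capabilities( $ure_object );
  if (!isset($full_capabilities[$cap_id])) {
  $admin_role = $lib->get_admin_role();
  $wp_roles->use_db = true;
@@ -190,25 +189,26 @@ class URE_Capability {
  return esc_html__('Insufficient permissions to work with User Role Editor','user-role-editor');
  }
 
- $lib = URE_Lib::get_instance();
+ $capabilities = URE_Capabilities::get_instance();
  $mess = '';
- $caps_allowed_to_remove = $lib->get_caps_to_remove();
+ $caps_allowed_to_remove = $capabilities->get_caps_to_remove();
  if (!is_array($caps_allowed_to_remove) || count($caps_allowed_to_remove) == 0) {
  return esc_html__('There are no capabilities available for deletion!', 'user-role-editor');
  }
 
- $capabilities = self::get_caps_for_deletion_from_post($caps_allowed_to_remove);
- if (empty($capabilities)) {
+ $caps = self::get_caps_for_deletion_from_post($caps_allowed_to_remove);
+ if (empty($caps)) {
  return esc_html__('There are no capabilities available for deletion!', 'user-role-editor');
  }
 
- self::revoke_caps($capabilities);
+ self::revoke_caps($caps);
 
- if (count($capabilities)==1) {
- $mess = sprintf(esc_html__('Capability %s was removed successfully', 'user-role-editor'), $capabilities[0]);
+ if (count($caps)==1) {
+ $mess = sprintf(esc_html__('Capability %s was removed successfully', 'user-role-editor'), $caps[0]);
  } else {
- $short_list_str = $lib->get_short_list_str($capabilities);
- $mess = count($capabilities) .' '. esc_html__('capabilities were removed successfully', 'user-role-editor') .': '.
+ $lib = URE_Lib::get_instance();
+ $short_list_str = $lib->get_short_list_str( $caps );
+ $mess = count($caps) .' '. esc_html__('capabilities were removed successfully', 'user-role-editor') .': '.
  $short_list_str;
  }
 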
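Review bot: In the removal path, `esc_html__()` escapes only the translated format string, while `$caps[0]` and `$short_list_str` go into `$mess` as they are; wrapping the value, `esc_html( $caps[0] )`, keeps a capability name that contains markup from reaching the page unescaped. Whether `$mess` is escaped again where it is printed is outside this section, so treat this as defence in depth. `add( $ure_object )` also turns a no-argument public static method into one with a required parameter, so every caller has to change in the same release; giving the parameter a default would keep older calls working. Both functions start and end outside the hunks shown.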
includes/classes/editor.php ADDED
@@ -0,0 +1,1379 @@
1
+ <?php
2
+ /**
3
+ * Role capabilities editor class
4
+ *
5
+ * @package User-Role-Editor
6
+ * @subpackage Editor
7
+ * @author Vladimir Garagulya <support@role-editor.com>
8
+ * @copyright Copyright (c) 2010 - 2019, Vladimir Garagulia
9
+ **/
10
+ class URE_Editor {
11
+
12
+ private static $instance = null;
13
+
14
+ protected $lib = null;
15
+
16
+ protected $role_additional_options = null;
17
+ protected $apply_to_all = 0;
18
+ protected $capabilities_to_save = null;
19
+ protected $caps_columns_quant = 1;
20
+ protected $caps_readable = false;
21
+ protected $current_role = '';
22
+ protected $current_role_name = '';
23
+ protected $full_capabilities = false;
24
+ protected $hide_pro_banner = false;
25
+ protected $notification = ''; // notification message to show on page
26
+ protected $roles = null;
27
+ protected $show_deprecated_caps = false;
28
+ protected $ure_object = 'role'; // what to process, 'role' or 'user'
29
+ protected $user_to_edit = null;
30
+ protected $wp_default_role = '';
31
+
32
+
33
+ public static function get_instance() {
34
+
35
+ if (self::$instance === null) {
36
+ // new static() will work too
37
+ self::$instance = new URE_Editor();
38
+ }
39
+
40
+ return self::$instance;
41
+ }
42
+ // end of get_instance()
43
+
44
+
45
+ private function __construct() {
46
+
47
+ $this->lib = URE_Lib::get_instance();
48
+ }
49
+ // end of __construct()
50
+
51
+
52
+ public function get($property_name) {
53
+
54
+ if (!property_exists($this, $property_name)) {
55
+ syslog(LOG_ERR, 'URE_Editor class does not have such property '. $property_name);
56
+ return null;
57
+ }
58
+
59
+ return $this->$property_name;
60
+ }
61
+ // end of get_property()
62
+
63
+
64
+ public function get_edit_user_caps_mode() {
65
+
66
+ $multisite = $this->lib->get('multisite');
67
+ if ($multisite && $this->lib->is_super_admin()) {
68
+ return 1;
69
+ }
70
+
71
+ $edit_user_caps = $this->lib->get_option('edit_user_caps', 1);
72
+
73
+ return $edit_user_caps;
74
+ }
75
+ // end of get_edit_user_caps_mode()
76
+
77
+
78
+
79
+ // validate information about user we intend to edit
80
+ protected function check_user_to_edit() {
81
+
82
+ if ( $this->ure_object ==='user' ) {
83
+ if ( !isset($_REQUEST['user_id'] ) ) {
84
+ return false; // user_id value is missed
85
+ }
86
+ $user_id = filter_var( $_REQUEST['user_id'], FILTER_VALIDATE_INT );
87
+ if ( empty( $user_id ) ) {
88
+ return false;
89
+ }
90
+ $this->user_to_edit = get_user_to_edit( $user_id );
91
+ if ( empty( $this->user_to_edit ) ) {
92
+ return false;
93
+ }
94
+
95
+ }
96
+
97
+ return true;
98
+ }
99
+ // end of check_user_to_edit()
100
+
101
+
102
+ protected function get_caps_columns_quant() {
103
+
104
+ if ( isset( $_POST['caps_columns_quant'] ) && in_array( $_POST['caps_columns_quant'], array(1,2,3) ) ) {
105
+ $value = (int) filter_var( $_POST['caps_columns_quant'], FILTER_VALIDATE_INT );
106
+ set_site_transient( 'ure_caps_columns_quant', $value, URE_Lib::TRANSIENT_EXPIRATION );
107
+ } else {
108
+ $value = get_site_transient( 'ure_caps_columns_quant' );
109
+ if ( $value===false ) {
110
+ $value = $this->lib->get_option( 'caps_columns_quant', 1 );
111
+ }
112
+ }
113
+
114
+ return $value;
115
+ }
116
+ // end of get_caps_columns_quant()
117
+
118
+
119
+ protected function init0() {
120
+ $this->caps_readable = get_site_transient( 'ure_caps_readable' );
121
+ if ( false === $this->caps_readable ) {
122
+ $this->caps_readable = $this->lib->get_option( 'ure_caps_readable' );
123
+ set_site_transient( 'ure_caps_readable', $this->caps_readable, URE_Lib::TRANSIENT_EXPIRATION );
124
+ }
125
+ $this->show_deprecated_caps = get_site_transient( 'ure_show_deprecated_caps' );
126
+ if ( false === $this->show_deprecated_caps ) {
127
+ $this->show_deprecated_caps = $this->lib->get_option( 'ure_show_deprecated_caps' );
128
+ set_site_transient( 'ure_show_deprecated_caps', $this->show_deprecated_caps, URE_Lib::TRANSIENT_EXPIRATION );
129
+ }
130
+
131
+ $this->hide_pro_banner = $this->lib->get_option( 'ure_hide_pro_banner', 0 );
132
+ $this->wp_default_role = get_option( 'default_role' );
133
+
134
+ // could be sent as via POST, as via GET
135
+ if ( isset( $_REQUEST['object'] ) ) {
136
+ $this->ure_object = $_REQUEST['object'];
137
+ if ( !$this->check_user_to_edit() ) {
138
+ return false;
139
+ }
140
+ } else {
141
+ $this->ure_object = 'role';
142
+ }
143
+
144
+ $this->apply_to_all = $this->lib->get_request_var('ure_apply_to_all', 'post', 'checkbox');
145
+ $this->caps_columns_quant = $this->get_caps_columns_quant();
146
+
147
+ return true;
148
+ }
149
+ // end of init0()
150
+
151
+
152
+ protected function valid_nonce() {
153
+
154
+ if ( empty( $_POST['ure_nonce'] ) || !wp_verify_nonce( $_POST['ure_nonce'], 'user-role-editor' ) ) {
155
+ echo '<h3>Wrong or older request (invalid nonce value). Action prohibited.</h3>';
156
+ return false;
157
+ }
158
+
159
+ return true;
160
+ }
161
+ // end of check_nonce()
162
+
163
+
164
+ protected function set_caps_readable() {
165
+
166
+ if ($this->caps_readable) {
167
+ $this->caps_readable = 0;
168
+ } else {
169
+ $this->caps_readable = 1;
170
+ }
171
+ set_site_transient( 'ure_caps_readable', $this->caps_readable, URE_Lib::TRANSIENT_EXPIRATION );
172
+
173
+ }
174
+ // end of caps_readable()
175
+
176
+
177
+ protected function set_show_deprecated_caps() {
178
+ if ($this->show_deprecated_caps) {
179
+ $this->show_deprecated_caps = 0;
180
+ } else {
181
+ $this->show_deprecated_caps = 1;
182
+ }
183
+ set_site_transient( 'ure_show_deprecated_caps', $this->show_deprecated_caps, URE_Lib::TRANSIENT_EXPIRATION );
184
+ }
185
+ // end of set_show_deprecated_caps()
186
+
187
+
188
+ protected function hide_pro_banner() {
189
+
190
+ $this->hide_pro_banner = 1;
191
+ $this->lib->put_option('ure_hide_pro_banner', 1);
192
+ $this->lib->flush_options();
193
+
194
+ }
195
+ // end of hide_pro_banner()
196
+
197
+
198
+ protected function init_current_role_name() {
199
+
200
+ $this->current_role = '';
201
+ $this->current_role_name = '';
202
+ if ( !isset( $_POST['user_role'] ) ) {
203
+ $mess = esc_html__('Error: ', 'user-role-editor') . esc_html__('Wrong request!', 'user-role-editor');
204
+ } else if ( !isset($this->roles[$_POST['user_role']]) ) {
205
+ $mess = esc_html__('Error: ', 'user-role-editor') . esc_html__('Role', 'user-role-editor') . ' <em>' . esc_html($_POST['user_role']) . '</em> ' .
206
+ esc_html__('does not exist', 'user-role-editor');
207
+ } else {
208
+ $this->current_role = $_POST['user_role'];
209
+ $this->current_role_name = $this->roles[$this->current_role]['name'];
210
+ $mess = '';
211
+ }
212
+
213
+ return $mess;
214
+ }
215
+ // end of init_current_role_name()
216
+
217
+
218
+ // Add existing WPBakery Visial Composer () plugin capabilities from this role to the list of capabilities for save with this role update -
219
+ // Visual Composer capabilities are excluded from a role update as they may store not boolean values.
220
+ protected function restore_visual_composer_caps() {
221
+
222
+ if (!isset($this->roles[$this->current_role]) || !is_array($this->roles[$this->current_role]['capabilities'])) {
223
+ return false;
224
+ }
225
+
226
+ foreach($this->roles[$this->current_role]['capabilities'] as $cap=>$value) {
227
+ if (strpos($cap, 'vc_access_rules_')!==false) {
228
+ $this->capabilities_to_save[$cap] = $value;
229
+ }
230
+ }
231
+
232
+ return true;
233
+ }
234
+ // end of restore_visual_composer_caps()
235
+
236
+
237
+ /**
238
+ * prepare capabilities from user input to save at the database
239
+ */
240
+ protected function prepare_capabilities_to_save() {
241
+
242
+ $this->capabilities_to_save = array();
243
+ if (empty($this->full_capabilities)) {
244
+ return; // There is no valid initialization
245
+ }
246
+
247
+ foreach ( $this->full_capabilities as $cap ) {
248
+ $cap_id_esc = URE_Capability::escape( $cap['inner'] );
249
+ if ( isset( $_POST[$cap_id_esc] ) ) {
250
+ $this->capabilities_to_save[ $cap['inner'] ] = true;
251
+ }
252
+ }
253
+
254
+ $this->restore_visual_composer_caps();
255
+ }
256
+ // end of prepare_capabilities_to_save()
257
+
258
+
259
+ /**
260
+ * Make full synchronization of roles for all sites with roles from the main site directly updating database records
261
+ *
262
+ * @return boolean
263
+ */
264
+ protected function is_full_network_synch() {
265
+
266
+ if (is_network_admin()) { // for Pro version
267
+ $result = true;
268
+ } else {
269
+ $result = defined('URE_MULTISITE_DIRECT_UPDATE') && URE_MULTISITE_DIRECT_UPDATE == 1;
270
+ }
271
+
272
+ return $result;
273
+ }
274
+ // end of is_full_network_synch()
275
+
276
+
277
+ protected function last_check_before_update() {
278
+
279
+ if ( empty($this->roles ) || !is_array( $this->roles ) || count( $this->roles )===0 ) {
280
+ // Nothing to save - something goes wrong - stop execution...
281
+ return false;
282
+ }
283
+
284
+ $key_capability = URE_Own_Capabilities::get_key_capability();
285
+ if ( current_user_can( $key_capability ) ) {
286
+ // current user is an URE admin
287
+ return true;
288
+ }
289
+
290
+ if ( !current_user_can( 'ure_edit_roles' ) ) {
291
+ // Not enough permissions
292
+ return false;
293
+ }
294
+
295
+ $current_user = wp_get_current_user();
296
+ if ( in_array( $this->current_role, $current_user->roles ) ) {
297
+ // Do not allow to non-admin user without full access to URE update his own role
298
+ return false;
299
+ }
300
+
301
+ return true;
302
+ }
303
+ // end of last_check_before_update()
304
+
305
+
306
+ /**
307
+ * Return true if $capability is included to the list of capabilities allowed for the single site administrator
308
+ * @param string $capability - capability ID
309
+ * @param boolean $ignore_super_admin - if
310
+ * @return boolean
311
+ */
312
+ public function block_cap_for_single_admin($capability, $ignore_super_admin=false) {
313
+
314
+ if (!$this->lib->is_pro()) {
315
+ // this functionality is for the Pro version only.
316
+ return false;
317
+ }
318
+ $multisite = $this->lib->get('multisite');
319
+ if ( !$multisite ) { // work for multisite only
320
+ return false;
321
+ }
322
+ if ( !$ignore_super_admin && $this->lib->is_super_admin() ) {
323
+ // Do not block superadmin
324
+ return false;
325
+ }
326
+ $caps_access_restrict_for_simple_admin = $this->lib->get_option( 'caps_access_restrict_for_simple_admin', 0 );
327
+ if ( !$caps_access_restrict_for_simple_admin ) {
328
+ return false;
329
+ }
330
+
331
+ $allowed_caps = $this->lib->get_option( 'caps_allowed_for_single_admin', array() );
332
+ if (in_array( $capability, $allowed_caps ) ) {
333
+ $block_this_cap = false;
334
+ } else {
335
+ $block_this_cap = true;
336
+ }
337
+
338
+ return $block_this_cap;
339
+ }
340
+ // end of block_cap_for_single_admin()
341
+
342
+
343
+ /**
344
+ * Returns array without capabilities blocked for single site administrators
345
+ * @param array $capabilities
346
+ * @return array
347
+ */
348
+ protected function remove_caps_not_allowed_for_single_admin( $capabilities ) {
349
+ if (!$this->lib->is_pro()) {
350
+ // this functionality is for the Pro version only.
351
+ return $capabilities;
352
+ }
353
+
354
+ foreach( array_keys( $capabilities ) as $cap ) {
355
+ if ( $this->block_cap_for_single_admin( $cap ) ) {
356
+ unset( $capabilities[$cap] );
357
+ }
358
+ }
359
+
360
+ return $capabilities;
361
+ }
362
+ // end of remove_caps_not_allowed_for_single_admin()
363
+
364
+
365
+ protected function role_contains_caps_not_allowed_for_simple_admin( $role_id ) {
366
+
367
+ $result = false;
368
+ if (!$this->lib->is_pro()) {
369
+ // this functionality is for the Pro version only.
370
+ return $result;
371
+ }
372
+
373
+ $role = $this->roles[$role_id];
374
+ if ( !is_array( $role['capabilities'] ) ) {
375
+ return false;
376
+ }
377
+ foreach ( array_keys( $role['capabilities'] ) as $cap ) {
378
+ if ( $this->block_cap_for_single_admin( $cap ) ) {
379
+ $result = true;
380
+ break;
381
+ }
382
+ }
383
+
384
+ return $result;
385
+ }
386
+ // end of role_contains_caps_not_allowed_for_simple_admin()
387
+
388
+
389
+ // Save Roles to database
390
+ protected function save_roles() {
391
+ global $wpdb;
392
+
393
+ if ( !$this->last_check_before_update() ) {
394
+ return false;
395
+ }
396
+
397
+ if ( !isset($this->roles[$this->current_role]) ) {
398
+ return false;
399
+ }
400
+
401
+ $this->capabilities_to_save = $this->remove_caps_not_allowed_for_single_admin( $this->capabilities_to_save );
402
+ $this->roles[$this->current_role]['name'] = $this->current_role_name;
403
+ $this->roles[$this->current_role]['capabilities'] = $this->capabilities_to_save;
404
+ $option_name = $wpdb->prefix . 'user_roles';
405
+
406
+ update_option($option_name, $this->roles);
407
+
408
+ // save additional options for the current role
409
+ if (empty($this->role_additional_options)) {
410
+ $this->role_additional_options = URE_Role_Additional_Options::get_instance($this->lib);
411
+ }
412
+ $this->role_additional_options->save($this->current_role);
413
+
414
+ return true;
415
+ }
416
+ // end of save_roles()
417
+
418
+
419
+ /**
420
+ * Update roles for all network using direct database access - quicker in several times
421
+ * Execution speed is critical for large multi-site networks.
422
+ * @global wpdb $wpdb
423
+ * @return boolean
424
+ */
425
+ protected function direct_network_roles_update() {
426
+ global $wpdb;
427
+
428
+ $multisite = $this->lib->get( 'multisite' );
429
+ if (!$multisite) {
430
+ return false;
431
+ }
432
+
433
+ if ( !$this->last_check_before_update() ) {
434
+ return false;
435
+ }
436
+
437
+ if ( !empty( $this->current_role ) ) {
438
+ $this->roles[$this->current_role]['name'] = $this->current_role_name;
439
+ $this->roles[$this->current_role]['capabilities'] = $this->capabilities_to_save;
440
+ }
441
+
442
+ $serialized_roles = serialize( $this->roles );
443
+ $blog_ids = $this->lib->get_blog_ids();
444
+ foreach ($blog_ids as $blog_id) {
445
+ $prefix = $wpdb->get_blog_prefix($blog_id);
446
+ $options_table_name = $prefix . 'options';
447
+ $option_name = $prefix . 'user_roles';
448
+ $query = "UPDATE {$options_table_name}
449
+ SET option_value='$serialized_roles'
450
+ WHERE option_name='$option_name'
451
+ LIMIT 1";
452
+ $wpdb->query($query);
453
+ if ($wpdb->last_error) {
454
+ return false;
455
+ }
456
+ // @TODO: save role additional options
457
+
458
+ }
459
+
460
+ do_action( 'ure_direct_network_roles_update' );
461
+
462
+ return true;
463
+ }
464
+ // end of direct_network_roles_update()
465
+
466
+
467
+ protected function wp_api_network_roles_update() {
468
+ global $wpdb;
469
+
470
+ $old_blog = $wpdb->blogid;
471
+ $blog_ids = $this->lib->get_blog_ids();
472
+ if (empty( $blog_ids ) ) {
473
+ return false;
474
+ }
475
+
476
+ $result = true;
477
+ foreach ( $blog_ids as $blog_id ) {
478
+ switch_to_blog( $blog_id );
479
+ $this->roles = $this->lib->get_user_roles();
480
+ if ( !isset( $this->roles[$this->current_role] ) ) { // add new role to this blog
481
+ $this->roles[$this->current_role] = array('name' => $this->current_role_name, 'capabilities' => array('read' => true));
482
+ }
483
+ if ( !$this->save_roles() ) {
484
+ $result = false;
485
+ break;
486
+ }
487
+ }
488
+ $this->lib->restore_after_blog_switching( $old_blog );
489
+ $this->roles = $this->lib->get_user_roles();
490
+
491
+ return $result;
492
+ }
493
+ // end of wp_api_network_roles_update()
494
+
495
+
496
+ /**
497
+ * Update role for all network using WordPress API
498
+ *
499
+ * @return boolean
500
+ */
501
+ protected function multisite_update_roles() {
502
+
503
+ $multisite = $this->lib->get('multisite');
504
+ if (!$multisite) {
505
+ return false;
506
+ }
507
+
508
+ $debug = $this->lib->get('debug');
509
+ if ( $debug ) {
510
+ $time_shot = microtime();
511
+ }
512
+
513
+ if ( $this->is_full_network_synch() ) {
514
+ $result = $this->direct_network_roles_update();
515
+ } else {
516
+ $result = $this->wp_api_network_roles_update();
517
+ }
518
+
519
+ if ($debug) {
520
+ echo '<div class="updated fade below-h2">Roles updated for ' . ( microtime() - $time_shot ) . ' milliseconds</div>';
521
+ }
522
+
523
+ return $result;
524
+ }
525
+ // end of multisite_update_roles()
526
+
527
+
528
+ /**
529
+ * Process user request on update roles
530
+ *
531
+ * @global WP_Roles $wp_roles
532
+ * @return boolean
533
+ */
534
+ protected function update_roles() {
535
+ global $wp_roles;
536
+
537
+ $multisite = $this->lib->get( 'multisite' );
538
+ if ( $multisite && $this->lib->is_super_admin() && $this->apply_to_all ) {
539
+ // update Role for all blogs/sites in the network (permitted to superadmin only)
540
+ if (!$this->multisite_update_roles()) {
541
+ return false;
542
+ }
543
+ } else {
544
+ if (!$this->save_roles()) {
545
+ return false;
546
+ }
547
+ }
548
+
549
+ // refresh global $wp_roles
550
+ $wp_roles = new WP_Roles();
551
+
552
+ return true;
553
+ }
554
+ // end of update_roles()
555
+
556
+
557
+ /**
558
+ * Update user roles and capabilities
559
+ *
560
+ * @global WP_Roles $wp_roles
561
+ * @param WP_User $user
562
+ * @return boolean
563
+ */
564
+ protected function update_user( $user ) {
565
+
566
+ if ( !is_a( $user, 'WP_User') ) {
567
+ return false;
568
+ }
569
+
570
+ do_action( 'ure_before_user_permissions_update', $user->ID );
571
+
572
+ $wp_roles = wp_roles();
573
+
574
+ $multisite = $this->lib->get('multisite');
575
+ if ($multisite) {
576
+ if ( !$this->check_blog_user( $user ) ) {
577
+ return false;
578
+ }
579
+ }
580
+
581
+ $select_primary_role = apply_filters( 'ure_users_select_primary_role', true );
582
+ if ( $select_primary_role || $this->lib->is_super_admin()) {
583
+ $primary_role = $this->lib->get_request_var('primary_role', 'post');
584
+ if ( empty( $primary_role ) || !isset( $wp_roles->roles[$primary_role] ) ) {
585
+ $primary_role = '';
586
+ }
587
+ } else {
588
+ if ( !empty( $user->roles ) ) {
589
+ $primary_role = $user->roles[0];
590
+ } else {
591
+ $primary_role = '';
592
+ }
593
+ }
594
+
595
+ $bbpress = $this->lib->get_bbpress();
596
+ if ( $bbpress->is_active() ) {
597
+ $bbp_user_role = bbp_get_user_role( $user->ID );
598
+ } else {
599
+ $bbp_user_role = '';
600
+ }
601
+
602
+ $edit_user_caps_mode = $this->get_edit_user_caps_mode();
603
+ if ( !$edit_user_caps_mode ) { // readonly mode
604
+ $this->capabilities_to_save = $user->caps;
605
+ }
606
+
607
+ // revoke all roles and capabilities from this user
608
+ $user->roles = array();
609
+ $user->remove_all_caps();
610
+
611
+ // restore primary role
612
+ if ( !empty( $primary_role ) ) {
613
+ $user->add_role( $primary_role );
614
+ }
615
+
616
+ // restore bbPress user role if he had one
617
+ if ( !empty( $bbp_user_role ) ) {
618
+ $user->add_role( $bbp_user_role );
619
+ }
620
+
621
+ // add other roles to user
622
+ foreach ($_POST as $key => $value) {
623
+ $result = preg_match( '/^wp_role_(.+)/', $key, $match );
624
+ if ( $result !== 1 ) {
625
+ continue;
626
+ }
627
+ $role = $match[1];
628
+ if ( !isset( $wp_roles->roles[$role] ) ) {
629
+ continue;
630
+ }
631
+ $user->add_role( $role );
632
+ if ( !$edit_user_caps_mode && isset( $this->capabilities_to_save[$role] ) ) {
633
+ unset( $this->capabilities_to_save[$role] );
634
+ }
635
+ }
636
+
637
+ // add individual capabilities to user
638
+ if ( count( $this->capabilities_to_save ) > 0) {
639
+ foreach ($this->capabilities_to_save as $key => $value) {
640
+ $user->add_cap( $key );
641
+ }
642
+ }
643
+ $user->update_user_level_from_caps();
644
+
645
+ do_action('ure_user_permissions_update', $user->ID, $user); // In order other plugins may hook to the user permissions update
646
+
647
+ return true;
648
+ }
649
+ // end of update_user()
650
+
651
+
652
+ /**
653
+ * Save changes to the roles or user
654
+ * @param string $mess - notification message to the user
655
+ * @return string - notification message to the user
656
+ */
657
+ protected function permissions_object_update( $mess ) {
658
+
659
+ if ( !empty( $mess ) ) {
660
+ $mess .= '<br/>';
661
+ }
662
+ if ( $this->ure_object === 'role' ) { // save role changes to database
663
+ if ($this->update_roles()) {
664
+ if (!$this->apply_to_all) {
665
+ $mess = esc_html__('Role is updated successfully', 'user-role-editor');
666
+ } else {
667
+ $mess = esc_html__('Roles are updated for all network', 'user-role-editor');
668
+ }
669
+ } else {
670
+ $mess = esc_html__('Error occurred during role(s) update', 'user-role-editor');
671
+ }
672
+ } else {
673
+ if ($this->update_user($this->user_to_edit)) {
674
+ $mess = esc_html__('User capabilities are updated successfully', 'user-role-editor');
675
+ } else {
676
+ $mess = esc_html__('Error occurred during user update', 'user-role-editor');
677
+ }
678
+ }
679
+
680
+ return $mess;
681
+ }
682
+ // end of permissions_object_update()
683
+
684
+
685
+ protected function update() {
686
+
687
+ $this->roles = $this->lib->get_user_roles();
688
+ $this->full_capabilities = $this->lib->init_full_capabilities( $this->ure_object );
689
+ if ( isset( $_POST['user_role'] ) ) {
690
+ $this->notification = $this->init_current_role_name();
691
+ }
692
+ $this->prepare_capabilities_to_save();
693
+ $this->notification = $this->permissions_object_update( $this->notification );
694
+
695
+ }
696
+ // end of update()
697
+
698
+
699
+ /**
700
+ * Return WordPress user roles to its initial state, just like after installation
701
+ * @global WP_Roles $wp_roles
702
+ */
703
+ protected function wp_roles_reinit() {
704
+ global $wp_roles, $wp_user_roles;
705
+
706
+ $wp_user_roles = null;
707
+ $wp_roles->roles = array();
708
+ $wp_roles->role_objects = array();
709
+ $wp_roles->role_names = array();
710
+ $wp_roles->use_db = true;
711
+
712
+ require_once(ABSPATH . '/wp-admin/includes/schema.php');
713
+ populate_roles();
714
+ $wp_roles = new WP_Roles();
715
+
716
+ $this->roles = $this->lib->get_user_roles();
717
+
718
+ }
719
+ // end of wp_roles_reinit()
720
+
721
+ /**
722
+ * Reset user roles to WordPress default roles
723
+ */
724
+ public function reset_user_roles() {
725
+
726
+ if (!current_user_can('ure_reset_roles')) {
727
+ esc_html_e('Insufficient permissions to work with User Role Editor','user-role-editor');
728
+ $debug = ( defined('WP_PHP_UNIT_TEST') && WP_PHP_UNIT_TEST==true );
729
+ if ( !$debug ) {
730
+ die;
731
+ } else {
732
+ return false;
733
+ }
734
+ }
735
+
736
+ $this->wp_roles_reinit();
737
+ URE_Own_Capabilities::init_caps();
738
+
739
+ $multisite = $this->lib->get('multisite');
740
+ if ( !$multisite ) {
741
+ return true;
742
+ }
743
+
744
+ $this->apply_to_all = $this->lib->get_request_var('ure_apply_to_all', 'post', 'checkbox');
745
+ if ($this->apply_to_all) {
746
+ $this->current_role = '';
747
+ $this->direct_network_roles_update();
748
+ }
749
+
750
+ return true;
751
+ }
752
+ // end of reset_user_roles()
753
+
754
+
755
+ protected function get_role_id_from_post() {
756
+
757
+ $result = array('role_id'=>'', 'message'=>'');
758
+ $role_id = $this->lib->get_request_var('user_role_id', 'post' );
759
+ if ( empty( $role_id ) ) {
760
+ $result['message'] = esc_html__('Error: Role ID is empty!', 'user-role-editor' );
761
+ return $result;
762
+ }
763
+ $role_id = utf8_decode( $role_id );
764
+ // sanitize user input for security
765
+ $match = array();
766
+ $valid_name = preg_match( '/[A-Za-z0-9_\-]*/', $role_id, $match );
767
+ if ( !$valid_name || ( $valid_name && ( $match[0] !== $role_id ) ) ) {
768
+ // Some non-alphanumeric charactes found!
769
+ $result['message'] = esc_html__( 'Error: Role ID must contain latin characters, digits, hyphens or underscore only!', 'user-role-editor' );
770
+ return $result;
771
+ }
772
+ $numeric_name = preg_match( '/[0-9]*/', $role_id, $match );
773
+ if ( $numeric_name && ( $match[0] === $role_id ) ) {
774
+ // Numeric name discovered
775
+ $result['message'] = esc_html__( 'Error: WordPress does not support numeric Role name (ID). Add latin characters to it.', 'user-role-editor' );
776
+ return $result;
777
+ }
778
+
779
+ $result['role_id'] = strtolower( $role_id );
780
+
781
+ return $result;
782
+ }
783
+ // end of get_role_id_from_post()
784
+
785
+
786
+ /**
787
+ * Process new role creation request
788
+ *
789
+ * @return string - message about operation result
790
+ *
791
+ */
792
+ protected function add_new_role() {
793
+
794
+ if (!current_user_can('ure_create_roles')) {
795
+ return esc_html__('Insufficient permissions to work with User Role Editor','user-role-editor');
796
+ }
797
+
798
+ $result = $this->get_role_id_from_post();
799
+ if ( !empty( $result['message'] ) ) {
800
+ return $result['message'];
801
+ }
802
+
803
+ $role_id = $result['role_id'];
804
+ $wp_roles = wp_roles();
805
+ if ( isset( $wp_roles->roles[$role_id] ) ) {
806
+ $message = sprintf( 'Error! ' . esc_html__('Role %s exists already', 'user-role-editor' ), $role_id);
807
+ return $message;
808
+ }
809
+
810
+ $role_name = isset( $_POST['user_role_name'] ) ? $_POST['user_role_name'] : false;
811
+ if ( !empty( $role_name ) ) {
812
+ $role_name = sanitize_text_field( $role_name );
813
+ } else {
814
+ $role_name = $role_id; // as user role name is empty, use user role ID instead as a default value
815
+ }
816
+ $this->current_role = $role_id;
817
+ $role_copy_from = isset($_POST['user_role_copy_from']) ? $_POST['user_role_copy_from'] : false;
818
+ if ( !empty( $role_copy_from ) && $role_copy_from !== 'none' && $wp_roles->is_role( $role_copy_from ) ) {
819
+ $role = $wp_roles->get_role($role_copy_from);
820
+ $capabilities = $this->remove_caps_not_allowed_for_single_admin( $role->capabilities );
821
+ } else {
822
+ $capabilities = array('read' => true, 'level_0' => true); // User subscriber role permissions as a default value
823
+ }
824
+ // add new role to the roles array
825
+ $result = add_role($role_id, $role_name, $capabilities);
826
+ if ( !isset( $result ) || empty( $result ) ) {
827
+ $message = 'Error! ' . esc_html__('Error is encountered during new role create operation', 'user-role-editor' );
828
+ } else {
829
+ $message = sprintf(esc_html__('Role %s is created successfully', 'user-role-editor'), $role_name );
830
+ }
831
+
832
+ return $message;
833
+ }
834
+ // end of add_new_role()
835
+
836
+
837
+ /**
838
+ * process rename role request
839
+ *
840
+ * @global WP_Roles $wp_roles
841
+ *
842
+ * @return string - message about operation result
843
+ *
844
+ */
845
+ protected function rename_role() {
846
+ global $wp_roles;
847
+
848
+ if ( !current_user_can('ure_edit_roles') ) {
849
+ return esc_html__('Insufficient permissions to work with User Role Editor','user-role-editor');
850
+ }
851
+
852
+ $result = $this->get_role_id_from_post();
853
+ if ( !empty( $result['message'] ) ) {
854
+ return $result['message'];
855
+ }
856
+
857
+ $new_role_name = $this->lib->get_request_var('user_role_name', 'post' );
858
+ if ( empty( $new_role_name ) ) {
859
+ $message = esc_html__( 'Error: Empty role display name is not allowed.', 'user-role-editor' );
860
+ return $message;
861
+ }
862
+
863
+ $role_id = $result['role_id'];
864
+ $wp_roles = wp_roles();
865
+ if ( !isset( $wp_roles->roles[$role_id] ) ) {
866
+ $message = sprintf('Error! ' . esc_html__('Role %s does not exists', 'user-role-editor'), $role_id);
867
+ return $message;
868
+ }
869
+
870
+ $new_role_name = sanitize_text_field( $new_role_name );
871
+ $this->current_role = $role_id;
872
+ $this->current_role_name = $new_role_name;
873
+
874
+ $old_role_name = $wp_roles->roles[$role_id]['name'];
875
+ $wp_roles->roles[$role_id]['name'] = $new_role_name;
876
+ update_option( $wp_roles->role_key, $wp_roles->roles );
877
+
878
+ $message = sprintf( esc_html__('Role %s is renamed to %s successfully', 'user-role-editor'), $old_role_name, $new_role_name );
879
+
880
+ return $message;
881
+ }
882
+ // end of rename_role()
883
+
884
+
885
+ protected function get_wp_built_in_roles() {
886
+
887
+ $result = array('subscriber', 'contributor', 'author', 'editor', 'administrator');
888
+
889
+ return $result;
890
+ }
891
+ // end of get_wp_built_in_roles()
892
+
893
+ /**
894
+ * return array with roles which we could delete, e.g self-created and not used with any blog user
895
+ *
896
+ * @return array
897
+ */
898
+ public function get_roles_can_delete() {
899
+
900
+ $default_role = get_option( 'default_role' );
901
+ $wp_built_in_roles = $this->get_wp_built_in_roles();
902
+ $roles_can_delete = array();
903
+ $users = count_users();
904
+ $roles = $this->lib->get_user_roles();
905
+ foreach ($roles as $key => $role) {
906
+ $can_delete = true;
907
+ // check if it is default role for new users
908
+ if ( $key === $default_role ) {
909
+ $can_delete = false;
910
+ continue;
911
+ }
912
+ // Do not allow to delete WordPress built-in role
913
+ if ( in_array( $key, $wp_built_in_roles ) ) {
914
+ continue;
915
+ }
916
+ // check if role has capabilities prohibited for the single site administrator
917
+ if ( $this->role_contains_caps_not_allowed_for_simple_admin( $key ) ) {
918
+ continue;
919
+ }
920
+ if ( !isset( $users['avail_roles'][$key] ) ) {
921
+ $roles_can_delete[$key] = $role['name'] . ' (' . $key . ')';
922
+ }
923
+ }
924
+
925
+ return $roles_can_delete;
926
+ }
927
+ // end of get_roles_can_delete()
928
+
929
+
930
+ /**
931
+ * Deletes user role from the WP database
932
+ */
933
+ protected function delete_wp_roles( $roles_to_del ) {
934
+ global $wp_roles;
935
+
936
+ if ( !current_user_can('ure_delete_roles') ) {
937
+ $message = esc_html__('Insufficient permissions to work with User Role Editor','user-role-editor');
938
+ return $message;
939
+ }
940
+
941
+ if ( empty($roles_to_del) || !is_array($roles_to_del) ) {
942
+ $message = esc_html__('Empty or not valid list of roles for deletion','user-role-editor');
943
+ return $message;
944
+ }
945
+
946
+ $roles_can_delete = $this->get_roles_can_delete();
947
+ $wp_roles = wp_roles();
948
+ $result = false;
949
+ foreach($roles_to_del as $role_id) {
950
+ if ( !isset( $wp_roles->roles[$role_id] ) ) {
951
+ $message = esc_html__('Role does not exist','user-role-editor') .' - '.$role_id;
952
+ return $message;
953
+ }
954
+ if ( !isset( $roles_can_delete[$role_id]) ) {
955
+ $message = esc_html__('You can not delete role','user-role-editor') .' - '.$role_id;
956
+ return $message;
957
+ }
958
+
959
+ unset( $wp_roles->role_objects[$role_id] );
960
+ unset( $wp_roles->role_names[$role_id] );
961
+ unset( $wp_roles->roles[$role_id] );
962
+ $result = true;
963
+ } // foreach()
964
+ if ( $result ) {
965
+ update_option( $wp_roles->role_key, $wp_roles->roles );
966
+ }
967
+
968
+ return $result;
969
+ }
970
+ // end of delete_wp_roles()
971
+
972
+
973
+ protected function delete_all_unused_roles() {
974
+
975
+ $roles_to_del = array_keys( $this->get_roles_can_delete() );
976
+ $result = $this->delete_wp_roles( $roles_to_del );
977
+ $this->roles = null; // to force roles refresh in User Role Editor
978
+
979
+ return $result;
980
+ }
981
+ // end of delete_all_unused_roles()
982
+
983
+
984
+ /**
985
+ * Process user request for user role deletion
986
+ * @return string
987
+ */
988
+ protected function delete_role() {
989
+
990
+ if ( !current_user_can('ure_delete_roles') ) {
991
+ $message = esc_html__('Insufficient permissions to work with User Role Editor','user-role-editor');
992
+ return $message;
993
+ }
994
+
995
+ $role_id = $this->lib->get_request_var( 'user_role_id', 'post');
996
+ if ( $role_id==-1 ) { // delete all unused roles
997
+ $result = $this->delete_all_unused_roles();
998
+ } else {
999
+ $result = $this->delete_wp_roles( array( $role_id ) );
1000
+ }
1001
+ if ($result===true) {
1002
+ if ( $role_id==-1 ) {
1003
+ $message = esc_html__( 'Unused roles are deleted successfully', 'user-role-editor' );
1004
+ } else {
1005
+ $message = sprintf( esc_html__( 'Role %s is deleted successfully', 'user-role-editor' ), $role_id );
1006
+ }
1007
+ } elseif ( empty($result) ) {
1008
+ $message = 'Error! '. esc_html__( 'Error encountered during role delete operation', 'user-role-editor' );
1009
+ } else {
1010
+ $message = $result;
1011
+ }
1012
+ if ( isset( $_POST['user_role_id'] ) ) {
1013
+ unset( $_POST['user_role_id'] );
1014
+ }
1015
+
1016
+ return $message;
1017
+ }
1018
+ // end of delete_role()
1019
+
1020
+
1021
+ /**
1022
+ * Change default WordPress role
1023
+ * @global WP_Roles $wp_roles
1024
+ * @return string
1025
+ */
1026
+ protected function change_default_role() {
1027
+
1028
+ if ( !current_user_can('ure_delete_roles') ) {
1029
+ $mess = esc_html__('Insufficient permissions to work with User Role Editor','user-role-editor');
1030
+ return $mess;
1031
+ }
1032
+
1033
+ $multisite = $this->lib->get('multisite');
1034
+ if ( !$multisite || is_network_admin() ) {
1035
+ $mess = esc_html__('This method is only for the single site of WordPress multisite installation.', 'user-role-editor');
1036
+ return $mess;
1037
+ }
1038
+ if ( empty( $_POST['user_role_id'] ) ) {
1039
+ $mess = esc_html__('Wrong request. Default role can not be empty', 'user-role-editor');
1040
+ return $mess;
1041
+ }
1042
+
1043
+ $mess = '';
1044
+ $wp_roles = wp_roles();
1045
+ $role_id = $this->lib->get_request_var('user_role_id', 'post');
1046
+ unset( $_POST['user_role_id'] );
1047
+ if ( isset( $wp_roles->role_objects[$role_id] ) && $role_id !== 'administrator' ) {
1048
+ update_option( 'default_role', $role_id );
1049
+ $this->wp_default_role = get_option( 'default_role' );
1050
+ if ($this->wp_default_role===$role_id) {
1051
+ $mess = sprintf(esc_html__('Default role for new users is set to %s successfully', 'user-role-editor'), $wp_roles->role_names[$role_id]);
1052
+ } else {
1053
+ $mess = 'Error! ' . esc_html__('Error encountered during default role change operation', 'user-role-editor');
1054
+ }
1055
+ } elseif ($role_id === 'administrator') {
1056
+ $mess = 'Error! ' . esc_html__('Can not set Administrator role as a default one', 'user-role-editor');
1057
+ } else {
1058
+ $mess = 'Error! ' . esc_html__('This role does not exist - ', 'user-role-editor') . esc_html($role_id);
1059
+ }
1060
+
1061
+
1062
+ return $mess;
1063
+ }
1064
+ // end of change_default_role()
1065
+
1066
+
1067
+ /**
1068
+ * Process user request
1069
+ */
1070
+ protected function process_user_request() {
1071
+
1072
+ $this->notification = '';
1073
+ if ( !isset( $_POST['action'] ) ) {
1074
+ return false;
1075
+ }
1076
+ if ( !$this->valid_nonce() ) {
1077
+ if ( defined('WP_DEBUG') && WP_DEBUG ) {
1078
+ return false;
1079
+ } else {
1080
+ exit;
1081
+ }
1082
+ }
1083
+
1084
+ $action = $this->lib->get_request_var('action', 'post');
1085
+ switch ( $action ) {
1086
+ case 'reset': {
1087
+ $this->reset_user_roles();
1088
+ exit;
1089
+ }
1090
+ case 'add-new-role': {
1091
+ // process new role create request
1092
+ $this->notification = $this->add_new_role();
1093
+ break;
1094
+ }
1095
+ case 'rename-role': {
1096
+ // process rename role request
1097
+ $this->notification = $this->rename_role();
1098
+ break;
1099
+ }
1100
+ case 'delete-role': {
1101
+ $this->notification = $this->delete_role();
1102
+ break;
1103
+ }
1104
+ case 'change-default-role': {
1105
+ $this->notification = $this->change_default_role();
1106
+ break;
1107
+ }
1108
+ case 'caps-readable': {
1109
+ $this->set_caps_readable();
1110
+ break;
1111
+ }
1112
+ case 'show-deprecated-caps': {
1113
+ $this->set_show_deprecated_caps();
1114
+ break;
1115
+ }
1116
+ case 'hide-pro-banner': {
1117
+ $this->hide_pro_banner();
1118
+ break;
1119
+ }
1120
+ case 'add-new-capability': {
1121
+ $this->notification = URE_Capability::add( $this->ure_object );
1122
+ break;
1123
+ }
1124
+ case 'delete-user-capability': {
1125
+ $this->notification = URE_Capability::delete();
1126
+ break;
1127
+ }
1128
+ case 'roles_restore_note': {
1129
+ $this->notification = esc_html__('User Roles are restored to WordPress default values. ', 'user-role-editor');
1130
+ break;
1131
+ }
1132
+ case 'update': {
1133
+ $this->update();
1134
+ break;
1135
+ }
1136
+ default: {
1137
+ do_action('ure_process_user_request');
1138
+ }
1139
+ } // switch ( $action ) ....
1140
+
1141
+ return true;
1142
+ }
1143
+ // end of process_user_request()
1144
+
1145
+
1146
+ protected function init1() {
1147
+
1148
+ $this->roles = $this->lib->get_user_roles();
1149
+ $this->full_capabilities = $this->lib->init_full_capabilities( $this->ure_object );
1150
+ if ( empty( $this->role_additional_options ) ) {
1151
+ $this->role_additional_options = URE_Role_Additional_Options::get_instance( $this->lib );
1152
+ }
1153
+
1154
+ }
1155
+ // end of editor_init1()
1156
+
1157
+
1158
+ /**
1159
+ * Return id of role last in the list of sorted roles
1160
+ *
1161
+ */
1162
+ protected function get_last_role_id() {
1163
+
1164
+ // get the key of the last element in roles array
1165
+ $keys = array_keys($this->roles);
1166
+ $last_role_id = array_pop($keys);
1167
+
1168
+ return $last_role_id;
1169
+ }
1170
+ // end of get_last_role_id()
1171
+
1172
+
1173
+ protected function set_current_role() {
1174
+
1175
+ if (!isset($this->current_role) || !$this->current_role) {
1176
+ if (isset($_REQUEST['user_role']) && $_REQUEST['user_role'] && isset($this->roles[$_REQUEST['user_role']])) {
1177
+ $this->current_role = $_REQUEST['user_role'];
1178
+ } else {
1179
+ $this->current_role = $this->get_last_role_id();
1180
+ }
1181
+ $this->current_role_name = $this->roles[$this->current_role]['name'];
1182
+ }
1183
+
1184
+ }
1185
+ // end of set_current_role()
1186
+
1187
+
1188
+ // returns true if editing user has $capability assigned through the roles or directly
1189
+ // returns true if editing user has role with name equal $capability
1190
+ public function user_can($capability) {
1191
+
1192
+ if (isset($this->user_to_edit->caps[$capability])) {
1193
+ return true;
1194
+ }
1195
+ foreach ($this->user_to_edit->roles as $role) {
1196
+ if ($role===$capability) {
1197
+ return true;
1198
+ }
1199
+ if (!empty($this->roles[$role]['capabilities'][$capability])) {
1200
+ return true;
1201
+ }
1202
+ }
1203
+
1204
+ return false;
1205
+ }
1206
+ // end of user_can()
1207
+
1208
+
1209
+ protected function show_editor() {
1210
+
1211
+ $this->lib->show_message( $this->notification );
1212
+ if ( $this->ure_object == 'user' ) {
1213
+ $view = new URE_User_View();
1214
+ } else {
1215
+ $this->set_current_role();
1216
+ $view = new URE_Role_View();
1217
+ $view->role_edit_prepare_html();
1218
+ }
1219
+ ?>
1220
+ <div class="wrap">
1221
+ <h1><?php _e('User Role Editor', 'user-role-editor'); ?></h1>
1222
+ <div id="ure_container">
1223
+ <div id="user_role_editor" class="ure-table-cell" >
1224
+ <form id="ure_form" method="post" action="<?php echo URE_WP_ADMIN_URL . URE_PARENT . '?page=users-' . URE_PLUGIN_FILE; ?>" >
1225
+ <div id="ure_form_controls">
1226
+ <?php
1227
+ $view->display();
1228
+ wp_nonce_field( 'user-role-editor', 'ure_nonce' );
1229
+ ?>
1230
+ <input type="hidden" name="action" value="update" />
1231
+ </div>
1232
+ </form>
1233
+ <?php
1234
+ if ( !$this->lib->is_pro() ) {
1235
+ $view->advertise_pro();
1236
+ }
1237
+ ?>
1238
+ </div>
1239
+ <?php
1240
+ if (!$this->lib->is_pro()) {
1241
+ $view->advertise_commercials();
1242
+ }
1243
+ $view->display_edit_dialogs();
1244
+ do_action( 'ure_dialogs_html' );
1245
+ URE_Role_View::output_confirmation_dialog();
1246
+ ?>
1247
+ </div>
1248
+ </div>
1249
+ <?php
1250
+ }
1251
+ // end of show_editor()
1252
+
1253
+
1254
+ /**
1255
+ * Show main page according to the context - role or user editor
1256
+ */
1257
+ public function show() {
1258
+
1259
+ if (!$this->init0()) {
1260
+ $message = esc_html__( 'Error: wrong request', 'user-role-editor' );
1261
+ $this->lib->show_message( $message );
1262
+ return false;
1263
+ }
1264
+
1265
+ $this->process_user_request();
1266
+ $this->init1();
1267
+ $this->show_editor();
1268
+
1269
+ return true;
1270
+ }
1271
+ // end of show()
1272
+
1273
+
1274
+ public function set_notification($value) {
1275
+
1276
+ $this->notification = $value;
1277
+
1278
+ }
1279
+ // end of set_notification()
1280
+
1281
+
1282
+ /**
1283
+ * Not really used in the plugin - just storage for the translation strings
1284
+ */
1285
+ protected function translation_data() {
1286
+ // for the translation purpose
1287
+ if (false) {
1288
+ // Standard WordPress roles
1289
+ __('Editor', 'user-role-editor');
1290
+ __('Author', 'user-role-editor');
1291
+ __('Contributor', 'user-role-editor');
1292
+ __('Subscriber', 'user-role-editor');
1293
+ // Standard WordPress capabilities
1294
+ __('Switch themes', 'user-role-editor');
1295
+ __('Edit themes', 'user-role-editor');
1296
+ __('Activate plugins', 'user-role-editor');
1297
+ __('Edit plugins', 'user-role-editor');
1298
+ __('Edit users', 'user-role-editor');
1299
+ __('Edit files', 'user-role-editor');
1300
+ __('Manage options', 'user-role-editor');
1301
+ __('Moderate comments', 'user-role-editor');
1302
+ __('Manage categories', 'user-role-editor');
1303
+ __('Manage links', 'user-role-editor');
1304
+ __('Upload files', 'user-role-editor');
1305
+ __('Import', 'user-role-editor');
1306
+ __('Unfiltered html', 'user-role-editor');
1307
+ __('Edit posts', 'user-role-editor');
1308
+ __('Edit others posts', 'user-role-editor');
1309
+ __('Edit published posts', 'user-role-editor');
1310
+ __('Publish posts', 'user-role-editor');
1311
+ __('Edit pages', 'user-role-editor');
1312
+ __('Read', 'user-role-editor');
1313
+ __('Level 10', 'user-role-editor');
1314
+ __('Level 9', 'user-role-editor');
1315
+ __('Level 8', 'user-role-editor');
1316
+ __('Level 7', 'user-role-editor');
1317
+ __('Level 6', 'user-role-editor');
1318
+ __('Level 5', 'user-role-editor');
1319
+ __('Level 4', 'user-role-editor');
1320
+ __('Level 3', 'user-role-editor');
1321
+ __('Level 2', 'user-role-editor');
1322
+ __('Level 1', 'user-role-editor');
1323
+ __('Level 0', 'user-role-editor');
1324
+ __('Edit others pages', 'user-role-editor');
1325
+ __('Edit published pages', 'user-role-editor');
1326
+ __('Publish pages', 'user-role-editor');
1327
+ __('Delete pages', 'user-role-editor');
1328
+ __('Delete others pages', 'user-role-editor');
1329
+ __('Delete published pages', 'user-role-editor');
1330
+ __('Delete posts', 'user-role-editor');
1331
+ __('Delete others posts', 'user-role-editor');
1332
+ __('Delete published posts', 'user-role-editor');
1333
+ __('Delete private posts', 'user-role-editor');
1334
+ __('Edit private posts', 'user-role-editor');
1335
+ __('Read private posts', 'user-role-editor');
1336
+ __('Delete private pages', 'user-role-editor');
1337
+ __('Edit private pages', 'user-role-editor');
1338
+ __('Read private pages', 'user-role-editor');
1339
+ __('Delete users', 'user-role-editor');
1340
+ __('Create users', 'user-role-editor');
1341
+ __('Unfiltered upload', 'user-role-editor');
1342
+ __('Edit dashboard', 'user-role-editor');
1343
+ __('Update plugins', 'user-role-editor');
1344
+ __('Delete plugins', 'user-role-editor');
1345
+ __('Install plugins', 'user-role-editor');
1346
+ __('Update themes', 'user-role-editor');
1347
+ __('Install themes', 'user-role-editor');
1348
+ __('Update core', 'user-role-editor');
1349
+ __('List users', 'user-role-editor');
1350
+ __('Remove users', 'user-role-editor');
1351
+ __('Add users', 'user-role-editor');
1352
+ __('Promote users', 'user-role-editor');
1353
+ __('Edit theme options', 'user-role-editor');
1354
+ __('Delete themes', 'user-role-editor');
1355
+ __('Export', 'user-role-editor');
1356
+ }
1357
+ }
1358
+ // end of translation_data()
1359
+
1360
+
1361
+ /**
1362
+ * Private clone method to prevent cloning of the instance of the
1363
+ * *Singleton* instance.
1364
+ *
1365
+ * @return void
1366
+ */
1367
+ private function __clone() { }
1368
+
1369
+ /**
1370
+ * Private unserialize method to prevent unserializing of the *Singleton*
1371
+ * instance.
1372
+ *
1373
+ * @return void
1374
+ */
1375
+ private function __wakeup() { }
1376
+
1377
+
1378
+ }
1379
+ // end of URE_Editor class
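--- a/includes/classes/grant-roles.php
+++ b/includes/classes/grant-roles.php
@@ -105,18 +105,19 @@ class URE_Grant_Roles {
  return;
  }
 
- $primary_role = array_shift(array_values($user->roles)); // Get the 1st element from the roles array
+ $roles_list = array_values( $user->roles );
+ $primary_role = array_shift( $roles_list ); // Get the 1st element from the roles array
  $lib = URE_Lib::get_instance();
- $bbpress = $lib->get('bbpress');
- if (empty($bbpress)) {
+ $bbpress = $lib->get( 'bbpress' );
+ if ( empty( $bbpress ) ) {
  $bbp_roles = array();
  } else {
- $bbp_roles = $bbpress->extract_bbp_roles($user->roles);
+ $bbp_roles = $bbpress->extract_bbp_roles( $user->roles );
  }
  $user->remove_all_caps();
- $roles = array_merge(array($primary_role), $bbp_roles, $roles);
- foreach($roles as $role) {
- $user->add_role($role);
+ $roles = array_merge(array( $primary_role ), $bbp_roles, $roles );
+ foreach( $roles as $role ) {
+ $user->add_role( $role );
  }
 
  }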
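Review bot: Each entry of `$roles` is passed to `$user->add_role( $role )` right after `$user->remove_all_caps()`, and nothing in this hunk shows the ids being checked against the roles the current user is allowed to assign. The function begins outside the hunk, so that check may already happen earlier; if it does not, filter the list first, for example `$roles = array_intersect( $roles, array_keys( get_editable_roles() ) );`. Separately, `$primary_role` is `null` when `$user->roles` is empty, so `array( $primary_role )` puts an empty entry into the merged list. Building that element only `if ( !empty( $primary_role ) )` would make the intent explicit instead of relying on how `add_role()` treats an empty id.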
includes/classes/lib.php CHANGED
@@ -15,22 +15,8 @@ class URE_Lib extends URE_Base_Lib {
15
 
16
  const TRANSIENT_EXPIRATION = 600;
17
 
18
- protected $roles = null;
19
- protected $notification = ''; // notification message to show on page
20
- protected $apply_to_all = 0;
21
- protected $current_role = '';
22
- protected $capabilities_to_save = null;
23
  protected $wp_default_role = '';
24
- protected $current_role_name = '';
25
- protected $user_to_edit = '';
26
- protected $show_deprecated_caps = false;
27
- protected $caps_readable = false;
28
- protected $caps_columns_quant = 1;
29
- protected $hide_pro_banner = false;
30
- protected $full_capabilities = false;
31
- protected $ure_object = 'role'; // what to process, 'role' or 'user'
32
  protected $advert = null;
33
- protected $role_additional_options = null;
34
  protected $bbpress = null; // reference to the URE_bbPress class instance
35
  protected $key_capability = ''; // Key user capability for get full access to the User Role Editor
36
  protected $settings_capability = ''; // User capability for access to User Role Editor Settings
@@ -61,7 +47,7 @@ class URE_Lib extends URE_Base_Lib {
61
  // end of __construct()
62
 
63
 
64
- protected function get_bbpress() {
65
 
66
  if ($this->bbpress===null) {
67
  $this->bbpress = new URE_bbPress();
@@ -77,7 +63,7 @@ class URE_Lib extends URE_Base_Lib {
77
 
78
  if (self::$instance === null) {
79
  if (empty($options_id)) {
80
- throw new Exception('URE_Lib::get_inctance() - Error: plugin options ID string is required');
81
  }
82
  // new static() will work too
83
  self::$instance = new URE_Lib($options_id);
@@ -110,36 +96,12 @@ class URE_Lib extends URE_Base_Lib {
110
  * @return boolean
111
  */
112
  public function is_pro() {
 
113
  return false;
114
  }
115
  // end of is_pro()
 
116
 
117
-
118
- public function get_ure_object() {
119
-
120
- return $this->ure_object;
121
- }
122
- // end of get_ure_object();
123
-
124
-
125
-
126
- public function set_notification($value) {
127
-
128
- $this->notification = $value;
129
-
130
- }
131
- // end of set_notification()
132
-
133
-
134
- public function set_apply_to_all($value) {
135
-
136
-
137
- $this->apply_to_all = !empty($value) ? 1 : 0;
138
-
139
- }
140
- // end of set_apply_to_all()
141
-
142
-
143
  public function set_raised_permissions($value) {
144
 
145
  $this->raised_permissions = !empty($value) ? true : false;
@@ -178,1673 +140,199 @@ class URE_Lib extends URE_Base_Lib {
178
  }
179
  }
180
 
181
- }
182
- // end of init_options()
183
-
184
-
185
- /**
186
- * saves options array into WordPress database wp_options table
187
- */
188
- public function flush_options() {
189
- global $wpdb;
190
-
191
- $current_blog = $wpdb->blogid;
192
- if ($this->multisite && $current_blog!==$this->main_blog_id) {
193
- if ($this->active_for_network) { // plugin is active for whole network, so get URE options from the main blog
194
- switch_to_blog($this->main_blog_id); // in order to save URE options to the main blog
195
- }
196
- }
197
-
198
- update_option($this->options_id, $this->options);
199
-
200
- if ($this->multisite && $current_blog!==$this->main_blog_id) {
201
- if ($this->active_for_network) { // plugin is active for whole network, so return back to the current blog
202
- restore_current_blog();
203
- }
204
- }
205
-
206
- }
207
- // end of flush_options()
208
-
209
-
210
- public function get_main_blog_id() {
211
-
212
- return $this->main_blog_id;
213
-
214
- }
215
-
216
-
217
- /**
218
- * Show main page according to the context - role or user editor
219
- */
220
- public function editor() {
221
-
222
- if (!$this->editor_init0()) {
223
- $this->show_message(esc_html__('Error: wrong request', 'user-role-editor'));
224
- return false;
225
- }
226
- $this->process_user_request();
227
- $this->editor_init1();
228
- $this->show_editor();
229
-
230
- }
231
- // end of editor()
232
-
233
-
234
- protected function show_editor() {
235
-
236
- $this->show_message($this->notification);
237
- if ($this->ure_object == 'user') {
238
- $view = new URE_User_View();
239
- } else {
240
- $this->set_current_role();
241
- $view = new URE_Role_View();
242
- $view->role_edit_prepare_html();
243
- }
244
- ?>
245
- <div class="wrap">
246
- <h1><?php _e('User Role Editor', 'user-role-editor'); ?></h1>
247
- <div id="ure_container">
248
- <div id="user_role_editor" class="ure-table-cell" >
249
- <form id="ure_form" method="post" action="<?php echo URE_WP_ADMIN_URL . URE_PARENT . '?page=users-' . URE_PLUGIN_FILE; ?>" >
250
- <div id="ure_form_controls">
251
- <?php
252
- $view->display();
253
- wp_nonce_field('user-role-editor', 'ure_nonce');
254
- ?>
255
- <input type="hidden" name="action" value="update" />
256
- </div>
257
- </form>
258
- <?php
259
- if (!$this->is_pro()) {
260
- $view->advertise_pro();
261
- }
262
- ?>
263
- </div>
264
- <?php
265
- if (!$this->is_pro()) {
266
- $view->advertise_commercials();
267
- }
268
- $view->display_edit_dialogs();
269
- do_action('ure_dialogs_html');
270
- URE_Role_View::output_confirmation_dialog();
271
- ?>
272
- </div>
273
- </div>
274
- <?php
275
- }
276
- // end of show_editor()
277
-
278
-
279
- // validate information about user we intend to edit
280
- protected function check_user_to_edit() {
281
-
282
- if ($this->ure_object == 'user') {
283
- if (!isset($_REQUEST['user_id'])) {
284
- return false; // user_id value is missed
285
- }
286
- $user_id = $_REQUEST['user_id'];
287
- if (!is_numeric($user_id)) {
288
- return false;
289
- }
290
- if (!$user_id) {
291
- return false;
292
- }
293
- $this->user_to_edit = get_user_to_edit($user_id);
294
- if (empty($this->user_to_edit)) {
295
- return false;
296
- }
297
- }
298
-
299
- return true;
300
- }
301
- // end of check_user_to_edit()
302
-
303
-
304
- protected function init_current_role_name() {
305
-
306
- $this->current_role = '';
307
- $this->current_role_name = '';
308
- if ( !isset( $_POST['user_role'] ) ) {
309
- $mess = esc_html__('Error: ', 'user-role-editor') . esc_html__('Wrong request!', 'user-role-editor');
310
- } else if ( !isset($this->roles[$_POST['user_role']]) ) {
311
- $mess = esc_html__('Error: ', 'user-role-editor') . esc_html__('Role', 'user-role-editor') . ' <em>' . esc_html($_POST['user_role']) . '</em> ' .
312
- esc_html__('does not exist', 'user-role-editor');
313
- } else {
314
- $this->current_role = $_POST['user_role'];
315
- $this->current_role_name = $this->roles[$this->current_role]['name'];
316
- $mess = '';
317
- }
318
-
319
- return $mess;
320
- }
321
- // end of init_current_role_name()
322
-
323
-
324
- // Add existing WPBakery Visial Composer () plugin capabilities from this role to the list of capabilities for save with this role update -
325
- // Visual Composer capabilities are excluded from a role update as they may store not boolean values.
326
- protected function restore_visual_composer_caps() {
327
-
328
- if (!isset($this->roles[$this->current_role]) || !is_array($this->roles[$this->current_role]['capabilities'])) {
329
- return false;
330
- }
331
-
332
- foreach($this->roles[$this->current_role]['capabilities'] as $cap=>$value) {
333
- if (strpos($cap, 'vc_access_rules_')!==false) {
334
- $this->capabilities_to_save[$cap] = $value;
335
- }
336
- }
337
-
338
- return true;
339
- }
340
- // end of restore_visual_composer_caps()
341
-
342
-
343
- /**
344
- * prepare capabilities from user input to save at the database
345
- */
346
- protected function prepare_capabilities_to_save() {
347
- $this->capabilities_to_save = array();
348
- foreach ($this->full_capabilities as $available_capability) {
349
- $cap_id_esc = URE_Capability::escape($available_capability['inner']);
350
- if (isset($_POST[$cap_id_esc])) {
351
- $this->capabilities_to_save[$available_capability['inner']] = true;
352
- }
353
- }
354
-
355
- $this->restore_visual_composer_caps();
356
- }
357
- // end of prepare_capabilities_to_save()
358
-
359
-
360
- /**
361
- * save changes to the roles or user
362
- * @param string $mess - notification message to the user
363
- * @return string - notification message to the user
364
- */
365
- protected function permissions_object_update($mess) {
366
-
367
- if ($this->ure_object == 'role') { // save role changes to database
368
- if ($this->update_roles()) {
369
- if ($mess) {
370
- $mess .= '<br/>';
371
- }
372
- if (!$this->apply_to_all) {
373
- $mess = esc_html__('Role is updated successfully', 'user-role-editor');
374
- } else {
375
- $mess = esc_html__('Roles are updated for all network', 'user-role-editor');
376
- }
377
- } else {
378
- if ($mess) {
379
- $mess .= '<br/>';
380
- }
381
- $mess = esc_html__('Error occurred during role(s) update', 'user-role-editor');
382
- }
383
- } else {
384
- if ($this->update_user($this->user_to_edit)) {
385
- if ($mess) {
386
- $mess .= '<br/>';
387
- }
388
- $mess = esc_html__('User capabilities are updated successfully', 'user-role-editor');
389
- } else {
390
- if ($mess) {
391
- $mess .= '<br/>';
392
- }
393
- $mess = esc_html__('Error occurred during user update', 'user-role-editor');
394
- }
395
- }
396
- return $mess;
397
- }
398
- // end of permissions_object_update()
399
-
400
-
401
- /**
402
- * Process user request
403
- */
404
- protected function process_user_request() {
405
-
406
- $this->notification = '';
407
- if (isset($_POST['action'])) {
408
- if (empty($_POST['ure_nonce']) || !wp_verify_nonce($_POST['ure_nonce'], 'user-role-editor')) {
409
- echo '<h3>Wrong nonce. Action prohibitied.</h3>';
410
- exit;
411
- }
412
-
413
- $action = $_POST['action'];
414
-
415
- if ($action == 'reset') {
416
- $this->reset_user_roles();
417
- exit;
418
- } else if ($action == 'add-new-role') {
419
- // process new role create request
420
- $this->notification = $this->add_new_role();
421
- } else if ($action == 'rename-role') {
422
- // process rename role request
423
- $this->notification = $this->rename_role();
424
- } else if ($action == 'delete-role') {
425
- $this->notification = $this->delete_role();
426
- } else if ($action == 'change-default-role') {
427
- $this->notification = $this->change_default_role();
428
- } else if ($action == 'caps-readable') {
429
- if ($this->caps_readable) {
430
- $this->caps_readable = 0;
431
- } else {
432
- $this->caps_readable = 1;
433
- }
434
- set_site_transient( 'ure_caps_readable', $this->caps_readable, 600 );
435
- } else if ($action == 'show-deprecated-caps') {
436
- if ($this->show_deprecated_caps) {
437
- $this->show_deprecated_caps = 0;
438
- } else {
439
- $this->show_deprecated_caps = 1;
440
- }
441
- set_site_transient( 'ure_show_deprecated_caps', $this->show_deprecated_caps, 600 );
442
- } else if ($action == 'hide-pro-banner') {
443
- $this->hide_pro_banner = 1;
444
- $this->put_option('ure_hide_pro_banner', 1);
445
- $this->flush_options();
446
- } else if ($action == 'add-new-capability') {
447
- $this->notification = URE_Capability::add();
448
- } else if ($action == 'delete-user-capability') {
449
- $this->notification = URE_Capability::delete();
450
- } else if ($action == 'roles_restore_note') {
451
- $this->notification = esc_html__('User Roles are restored to WordPress default values. ', 'user-role-editor');
452
- } else if ($action == 'update') {
453
- $this->roles = $this->get_user_roles();
454
- $this->init_full_capabilities();
455
- if (isset($_POST['user_role'])) {
456
- $this->notification = $this->init_current_role_name();
457
- }
458
- $this->prepare_capabilities_to_save();
459
- $this->notification = $this->permissions_object_update($this->notification);
460
- } else {
461
- do_action('ure_process_user_request');
462
- } // if ($action
463
- }
464
-
465
- }
466
- // end of process_user_request()
467
-
468
-
469
- protected function get_apply_to_all_from_post() {
470
- if (isset($_POST['ure_apply_to_all'])) {
471
- $this->apply_to_all = 1;
472
- } else {
473
- $this->apply_to_all = 0;
474
- }
475
- }
476
- // end of get_apply_to_all_from_post()
477
-
478
-
479
- protected function get_caps_columns_quant() {
480
- if (isset($_POST['caps_columns_quant']) && in_array($_POST['caps_columns_quant'], array(1,2,3))) {
481
- $value = (int) $_POST['caps_columns_quant'];
482
- set_site_transient('ure_caps_columns_quant', $value, self::TRANSIENT_EXPIRATION);
483
- } else {
484
- $value = get_site_transient('ure_caps_columns_quant');
485
- if ($value===false) {
486
- $value = $this->get_option('caps_columns_quant', 1);
487
- }
488
- }
489
-
490
- $this->caps_columns_quant = $value;
491
- }
492
- // end of get_caps_columns_quant()
493
-
494
-
495
- public function get_default_role() {
496
-
497
- $this->wp_default_role = get_option('default_role');
498
-
499
- }
500
- // end of get_default_role()
501
-
502
-
503
- protected function editor_init0() {
504
- $this->caps_readable = get_site_transient('ure_caps_readable');
505
- if (false === $this->caps_readable) {
506
- $this->caps_readable = $this->get_option('ure_caps_readable');
507
- set_site_transient('ure_caps_readable', $this->caps_readable, self::TRANSIENT_EXPIRATION);
508
- }
509
- $this->show_deprecated_caps = get_site_transient('ure_show_deprecated_caps');
510
- if (false === $this->show_deprecated_caps) {
511
- $this->show_deprecated_caps = $this->get_option('ure_show_deprecated_caps');
512
- set_site_transient( 'ure_show_deprecated_caps', $this->show_deprecated_caps, URE_Lib::TRANSIENT_EXPIRATION );
513
- }
514
-
515
- $this->hide_pro_banner = $this->get_option('ure_hide_pro_banner', 0);
516
- $this->get_default_role();
517
-
518
- // could be sent as by POST, as by GET
519
- if (isset($_REQUEST['object'])) {
520
- $this->ure_object = $_REQUEST['object'];
521
- if (!$this->check_user_to_edit()) {
522
- return false;
523
- }
524
- } else {
525
- $this->ure_object = 'role';
526
- }
527
-
528
- $this->get_apply_to_all_from_post();
529
- $this->get_caps_columns_quant();
530
-
531
- return true;
532
- }
533
- // end of editor_init0()
534
-
535
-
536
- public function editor_init1() {
537
-
538
- $this->roles = $this->get_user_roles();
539
- $this->init_full_capabilities();
540
- if (empty($this->role_additional_options)) {
541
- $this->role_additional_options = URE_Role_Additional_Options::get_instance($this);
542
- }
543
-
544
- if (!$this->is_pro()) {
545
- require_once(URE_PLUGIN_DIR . 'includes/classes/advertisement.php');
546
- }
547
-
548
- }
549
- // end of editor_init1()
550
-
551
-
552
- /**
553
- * return id of role last in the list of sorted roles
554
- *
555
- */
556
- protected function get_last_role_id() {
557
-
558
- // get the key of the last element in roles array
559
- $keys = array_keys($this->roles);
560
- $last_role_id = array_pop($keys);
561
-
562
- return $last_role_id;
563
- }
564
- // end of get_last_role_id()
565
-
566
-
567
- /**
568
- * Checks if user is allowed to use User Role Editor
569
- *
570
- * @param int $user_id
571
- * @return boolean true
572
- */
573
- public function user_is_admin($user_id = false) {
574
-
575
- $ure_key_capability = URE_Own_Capabilities::get_key_capability();
576
- if (empty($user_id)) {
577
- $user_id = get_current_user_id();
578
- }
579
- $result = user_can($user_id, $ure_key_capability);
580
-
581
- return $result;
582
- }
583
- // end of user_is_admin()
584
-
585
-
586
-
587
- /**
588
- * return array with WordPress user roles
589
- *
590
- * @global WP_Roles $wp_roles
591
- * @global type $wp_user_roles
592
- * @return array
593
- */
594
- public function get_user_roles() {
595
-
596
- $bbpress = $this->get_bbpress();
597
- if ($bbpress->is_active()) { // bbPress plugin is active
598
- $this->roles = $bbpress->get_roles();
599
- } else {
600
- $wp_roles = wp_roles();
601
- $this->roles = $wp_roles->roles;
602
- }
603
-
604
- if (is_array($this->roles) && count($this->roles) > 0) {
605
- asort($this->roles);
606
- }
607
-
608
- return $this->roles;
609
- }
610
- // end of get_user_roles()
611
-
612
-
613
- /**
614
- * Respect 'editable_roles' filter, when needed
615
- * @return array
616
- */
617
- public function get_editable_user_roles() {
618
-
619
- if (empty($this->roles)) {
620
- $this->get_user_roles();
621
- }
622
- $bbpress = $this->get_bbpress();
623
- if ($bbpress->is_active()) {
624
- remove_filter('editable_roles', 'bbp_filter_blog_editable_roles');
625
- }
626
- $roles = apply_filters('editable_roles', $this->roles);
627
- if ($bbpress->is_active()) {
628
- add_filter('editable_roles', 'bbp_filter_blog_editable_roles');
629
- }
630
-
631
- return $roles;
632
- }
633
- // end of get_editable_user_roles()
634
-
635
-
636
- protected function convert_caps_to_readable($caps_name) {
637
-
638
- $caps_name = str_replace('_', ' ', $caps_name);
639
- $caps_name = ucfirst($caps_name);
640
-
641
- return $caps_name;
642
- }
643
- // ure_ConvertCapsToReadable
644
-
645
- /**
646
- * Create backup record for the WordPress user roles
647
- * Run once on URE activation
648
- *
649
- * @global wpdb $wpdb
650
- * @global WP_Roles $wp_roles
651
- * @return type
652
- */
653
- public function backup_wp_roles() {
654
- global $wpdb, $wp_roles;
655
-
656
- $site_id = get_current_blog_id();
657
- $backup_roles_key = $wpdb->get_blog_prefix($site_id) .'backup_user_roles';
658
- // check if backup user roles record exists already
659
- $result = get_option($backup_roles_key, false);
660
- if (!empty($result)) {
661
- return;
662
- }
663
-
664
- update_option($backup_roles_key, $wp_roles->roles, false);
665
-
666
- }
667
- // end of backup_wp_roles()
668
-
669
-
670
- protected function role_contains_caps_not_allowed_for_simple_admin($role_id) {
671
-
672
- $result = false;
673
- $role = $this->roles[$role_id];
674
- if (!is_array($role['capabilities'])) {
675
- return false;
676
- }
677
- foreach (array_keys($role['capabilities']) as $cap) {
678
- if ($this->block_cap_for_single_admin($cap)) {
679
- $result = true;
680
- break;
681
- }
682
- }
683
-
684
- return $result;
685
- }
686
- // end of role_contains_caps_not_allowed_for_simple_admin()
687
-
688
- /**
689
- * return array with roles which we could delete, e.g self-created and not used with any blog user
690
- *
691
- * @return array
692
- */
693
- public function get_roles_can_delete() {
694
-
695
- $default_role = get_option('default_role');
696
- $standard_roles = array('administrator', 'editor', 'author', 'contributor', 'subscriber');
697
- $roles_can_delete = array();
698
- $users = count_users();
699
- foreach ($this->roles as $key => $role) {
700
- $can_delete = true;
701
- // check if it is default role for new users
702
- if ($key == $default_role) {
703
- $can_delete = false;
704
- continue;
705
- }
706
- // check if it is standard role
707
- if (in_array($key, $standard_roles)) {
708
- continue;
709
- }
710
- // check if role has capabilities prohibited for the single site administrator
711
- if ($this->role_contains_caps_not_allowed_for_simple_admin($key)) {
712
- continue;
713
- }
714
-
715
- if (!isset($users['avail_roles'][$key])) {
716
- $roles_can_delete[$key] = $role['name'] . ' (' . $key . ')';
717
- }
718
- }
719
-
720
- return $roles_can_delete;
721
- }
722
- // end of get_roles_can_delete()
723
-
724
-
725
- /**
726
- * return array of built-in WP capabilities (WP 3.1 wp-admin/includes/schema.php)
727
- *
728
- * @return array
729
- */
730
- public function get_built_in_wp_caps() {
731
-
732
- $caps_groups = URE_Capabilities_Groups_Manager::get_instance();
733
- $caps = $caps_groups->get_built_in_wp_caps();
734
-
735
- return $caps;
736
- }
737
- // end of get_built_in_wp_caps()
738
-
739
-
740
- /**
741
- * Returns array of WPBakery Visual Composer plugin capabilities
742
- * extracted by 'vc_access_rules_' prefix
743
- */
744
- public function get_visual_composer_caps($full_caps_list) {
745
- $caps = array();
746
- foreach(array_keys($full_caps_list) as $cap) {
747
- if (strpos($cap, 'vc_access_rules_')!==false) {
748
- $caps[$cap] = 1;
749
- }
750
- }
751
-
752
- return $caps;
753
- }
754
- // end of get_visual_composer_caps()
755
-
756
- /**
757
- * Build full capabilities list from all roles
758
- */
759
- private function get_full_caps_list_from_roles() {
760
- $wp_roles = wp_roles();
761
- // build full capabilities list from all roles
762
- $full_caps_list = array();
763
- foreach ($wp_roles->roles as $role) {
764
- // validate if capabilities is an array
765
- if (isset($role['capabilities']) && is_array($role['capabilities'])) {
766
- foreach ($role['capabilities'] as $capability => $value) {
767
- if (!isset($full_caps_list[$capability])) {
768
- $full_caps_list[$capability] = 1;
769
- }
770
- }
771
- }
772
- }
773
-
774
- return $full_caps_list;
775
- }
776
- // end of get_full_caps_list_from_roles()
777
-
778
-
779
- /**
780
- * return the array of unused user capabilities
781
- *
782
- * @global WP_Roles $wp_roles
783
- * @return array
784
- */
785
- public function get_caps_to_remove() {
786
- $wp_roles = wp_roles();
787
- $full_caps_list = $this->get_full_caps_list_from_roles();
788
- $caps_to_exclude = $this->get_built_in_wp_caps();
789
- $ure_caps = URE_Own_Capabilities::get_caps();
790
- $visual_composer_caps = $this->get_visual_composer_caps($full_caps_list);
791
- $caps_to_exclude = array_merge($caps_to_exclude, $ure_caps, $visual_composer_caps);
792
-
793
- $caps_to_remove = array();
794
- foreach ($full_caps_list as $capability => $value) {
795
- if (isset($caps_to_exclude[$capability])) { // do not touch built-in WP caps, URE own caps and Visual Composer caps
796
- continue;
797
- }
798
-
799
- // check roles
800
- $cap_in_use = false;
801
- foreach ($wp_roles->role_objects as $wp_role) {
802
- if ($wp_role->name != 'administrator') {
803
- if ($wp_role->has_cap($capability)) {
804
- $cap_in_use = true;
805
- break;
806
- }
807
- }
808
- }
809
- if (!$cap_in_use) {
810
- $caps_to_remove[$capability] = 1;
811
- }
812
- } // foreach(...)
813
-
814
- return $caps_to_remove;
815
- }
816
- // end of get_caps_to_remove()
817
-
818
-
819
- /**
820
- * Return true if $capability is included to the list of capabilities allowed for the single site administrator
821
- * @param string $capability - capability ID
822
- * @param boolean $ignore_super_admin - if
823
- * @return boolean
824
- */
825
- public function block_cap_for_single_admin($capability, $ignore_super_admin=false) {
826
-
827
- if (!$this->is_pro()) { // this functionality is for the Pro version only.
828
- return false;
829
- }
830
-
831
- if (!$this->multisite) { // work for multisite only
832
- return false;
833
- }
834
- if (!$ignore_super_admin && $this->is_super_admin()) { // Do not block superadmin
835
- return false;
836
- }
837
- $caps_access_restrict_for_simple_admin = $this->get_option('caps_access_restrict_for_simple_admin', 0);
838
- if (!$caps_access_restrict_for_simple_admin) {
839
- return false;
840
- }
841
- $allowed_caps = $this->get_option('caps_allowed_for_single_admin', array());
842
- if (in_array($capability, $allowed_caps)) {
843
- $block_this_cap = false;
844
- } else {
845
- $block_this_cap = true;
846
- }
847
-
848
- return $block_this_cap;
849
- }
850
- // end of block_cap_for_single_admin()
851
-
852
-
853
- /**
854
- * Go through all users and if user has non-existing role lower him to Subscriber role
855
- *
856
- */
857
- protected function validate_user_roles() {
858
- global $wp_roles;
859
-
860
- $default_role = get_option('default_role');
861
- if (empty($default_role)) {
862
- $default_role = 'subscriber';
863
- }
864
- $users_query = new WP_User_Query(array('fields' => 'ID'));
865
- $users = $users_query->get_results();
866
- foreach ($users as $user_id) {
867
- $user = get_user_by('id', $user_id);
868
- if (is_array($user->roles) && count($user->roles) > 0) {
869
- foreach ($user->roles as $role) {
870
- $user_role = $role;
871
- break;
872
- }
873
- } else {
874
- $user_role = is_array($user->roles) ? '' : $user->roles;
875
- }
876
- if (!empty($user_role) && !isset($wp_roles->roles[$user_role])) { // role doesn't exists
877
- $user->set_role($default_role); // set the lowest level role for this user
878
- $user_role = '';
879
- }
880
-
881
- if (empty($user_role)) {
882
- // Cleanup users level capabilities from non-existed roles
883
- $cap_removed = true;
884
- while (count($user->caps) > 0 && $cap_removed) {
885
- foreach ($user->caps as $capability => $value) {
886
- if (!isset($this->full_capabilities[$capability])) {
887
- $user->remove_cap($capability);
888
- $cap_removed = true;
889
- break;
890
- }
891
- $cap_removed = false;
892
- }
893
- } // while ()
894
- }
895
- } // foreach()
896
- }
897
- // end of validate_user_roles()
898
-
899
-
900
- protected function add_capability_to_full_caps_list($cap_id) {
901
- if (!isset($this->full_capabilities[$cap_id])) { // if capability was not added yet
902
- $cap = array();
903
- $cap['inner'] = $cap_id;
904
- $cap['human'] = esc_html__($this->convert_caps_to_readable($cap_id), 'user-role-editor');
905
- if (isset($this->built_in_wp_caps[$cap_id])) {
906
- $cap['wp_core'] = true;
907
- } else {
908
- $cap['wp_core'] = false;
909
- }
910
-
911
- $this->full_capabilities[$cap_id] = $cap;
912
- }
913
- }
914
- // end of add_capability_to_full_caps_list()
915
-
916
-
917
- /**
918
- * Add capabilities from user roles save at WordPress database
919
- *
920
- */
921
- protected function add_roles_caps() {
922
- foreach ($this->roles as $role) {
923
- // validate if capabilities is an array
924
- if (isset($role['capabilities']) && is_array($role['capabilities'])) {
925
- foreach (array_keys($role['capabilities']) as $cap) {
926
- $this->add_capability_to_full_caps_list($cap);
927
- }
928
- }
929
- }
930
- }
931
- // end of add_roles_caps()
932
-
933
-
934
- /**
935
- * Add Gravity Forms plugin capabilities, if available
936
- *
937
- */
938
- protected function add_gravity_forms_caps() {
939
-
940
- if (class_exists('GFCommon')) {
941
- $gf_caps = GFCommon::all_caps();
942
- foreach ($gf_caps as $gf_cap) {
943
- $this->add_capability_to_full_caps_list($gf_cap);
944
- }
945
- }
946
-
947
- }
948
- // end of add_gravity_forms_caps()
949
-
950
-
951
- /**
952
- * Add bbPress plugin user capabilities (if available)
953
- */
954
- protected function add_bbpress_caps() {
955
-
956
- $bbpress = $this->get_bbpress();
957
- if (!$bbpress->is_active()) {
958
- return;
959
- }
960
-
961
- $caps = $bbpress->get_caps();
962
- foreach ($caps as $cap) {
963
- $this->add_capability_to_full_caps_list($cap);
964
- }
965
- }
966
- // end of add_bbpress_caps()
967
-
968
-
969
- /**
970
- * Provide compatibility with plugins and themes which define their custom user capabilities using
971
- * 'members_get_capabilities' filter from Members plugin
972
- *
973
- */
974
- protected function add_members_caps() {
975
-
976
- $custom_caps = array();
977
- $custom_caps = apply_filters( 'members_get_capabilities', $custom_caps );
978
- foreach ($custom_caps as $cap) {
979
- $this->add_capability_to_full_caps_list($cap);
980
- }
981
-
982
- }
983
- // end of add_members_caps()
984
-
985
-
986
- /**
987
- * Add capabilities assigned directly to user, and not included into any role
988
- *
989
- */
990
- protected function add_user_caps() {
991
-
992
- if ($this->ure_object=='user') {
993
- foreach(array_keys($this->user_to_edit->caps) as $cap) {
994
- if (!isset($this->roles[$cap])) { // it is the user capability, not role
995
- $this->add_capability_to_full_caps_list($cap);
996
- }
997
- }
998
- }
999
-
1000
- }
1001
- // end of add_user_caps()
1002
-
1003
-
1004
- /**
1005
- * Add built-in WordPress caps in case some were not included to the roles for some reason
1006
- *
1007
- */
1008
- protected function add_wordpress_caps() {
1009
-
1010
- foreach (array_keys($this->built_in_wp_caps) as $cap) {
1011
- $this->add_capability_to_full_caps_list($cap);
1012
- }
1013
-
1014
- }
1015
- // end of add_wordpress_caps()
1016
-
1017
-
1018
- /**
1019
- * Return all available post types except non-public WordPress built-in post types
1020
- *
1021
- * @return array
1022
- */
1023
- public function _get_post_types() {
1024
-
1025
- $all_post_types = get_post_types();
1026
- $internal_post_types = get_post_types(array('public'=>false, '_builtin'=>true));
1027
- $post_types = array_diff($all_post_types, $internal_post_types);
1028
-
1029
- return $post_types;
1030
- }
1031
- // end of _get_post_types()
1032
-
1033
-
1034
- public function get_edit_post_capabilities() {
1035
- $capabilities = array(
1036
- 'create_posts',
1037
- 'edit_posts',
1038
- 'edit_published_posts',
1039
- 'edit_others_posts',
1040
- 'edit_private_posts',
1041
- 'publish_posts',
1042
- 'read_private_posts',
1043
- 'delete_posts',
1044
- 'delete_private_posts',
1045
- 'delete_published_posts',
1046
- 'delete_others_posts'
1047
- );
1048
-
1049
- return $capabilities;
1050
- }
1051
- // end of get_edit_post_capabilities();
1052
-
1053
-
1054
- protected function add_custom_post_type_caps() {
1055
- global $wp_roles;
1056
-
1057
- $capabilities = $this->get_edit_post_capabilities();
1058
- $post_types = get_post_types(array(), 'objects');
1059
- $_post_types = $this->_get_post_types();
1060
- // do not forget attachment post type as it may use the own capabilities set
1061
- $attachment_post_type = get_post_type_object('attachment');
1062
- if ($attachment_post_type->cap->edit_posts!=='edit_posts') {
1063
- $post_types['attachment'] = $attachment_post_type;
1064
- }
1065
-
1066
- foreach($post_types as $post_type) {
1067
- if (!isset($_post_types[$post_type->name])) {
1068
- continue;
1069
- }
1070
- if (!isset($post_type->cap)) {
1071
- continue;
1072
- }
1073
- foreach($capabilities as $capability) {
1074
- if (!isset($post_type->cap->$capability)) {
1075
- continue;
1076
- }
1077
- $cap_to_check = $post_type->cap->$capability;
1078
- $this->add_capability_to_full_caps_list($cap_to_check);
1079
- if (!$this->multisite &&
1080
- isset($wp_roles->role_objects['administrator']) &&
1081
- !isset($wp_roles->role_objects['administrator']->capabilities[$cap_to_check])) {
1082
- // admin should be capable to edit any posts
1083
- $wp_roles->role_objects['administrator']->add_cap($cap_to_check, true);
1084
- }
1085
- }
1086
- }
1087
-
1088
- if (!$this->multisite && isset($wp_roles->role_objects['administrator'])) {
1089
- foreach(array('post', 'page') as $post_type_name) {
1090
- $post_type = get_post_type_object($post_type_name);
1091
- if ($post_type->cap->create_posts!=='edit_'. $post_type->name .'s') { // 'create' capability is active
1092
- if (!isset($wp_roles->role_objects['administrator']->capabilities[$post_type->cap->create_posts])) {
1093
- // admin should be capable to create posts and pages
1094
- $wp_roles->role_objects['administrator']->add_cap($post_type->cap->create_posts, true);
1095
- }
1096
- }
1097
- } // foreach()
1098
- } // if ()
1099
-
1100
- }
1101
- // end of add_custom_post_type_caps()
1102
-
1103
-
1104
- /**
1105
- * Add capabilities for URE permissions system in case some were excluded from Administrator role
1106
- *
1107
- */
1108
- protected function add_ure_caps() {
1109
-
1110
- $key_cap = URE_Own_Capabilities::get_key_capability();
1111
- if (!current_user_can($key_cap)) {
1112
- return;
1113
- }
1114
- $ure_caps = URE_Own_Capabilities::get_caps();
1115
- foreach(array_keys($ure_caps) as $cap) {
1116
- $this->add_capability_to_full_caps_list($cap);
1117
- }
1118
-
1119
- }
1120
- // end of add_ure_caps()
1121
-
1122
-
1123
- public function init_full_capabilities() {
1124
-
1125
- $this->built_in_wp_caps = $this->get_built_in_wp_caps();
1126
- $this->full_capabilities = array();
1127
- $this->add_roles_caps();
1128
- $this->add_gravity_forms_caps();
1129
- $this->add_bbpress_caps();
1130
- $this->add_members_caps();
1131
- $this->add_user_caps();
1132
- $this->add_wordpress_caps();
1133
- $this->add_custom_post_type_caps();
1134
- $this->add_ure_caps();
1135
-
1136
- unset($this->built_in_wp_caps);
1137
- asort($this->full_capabilities);
1138
-
1139
- $this->full_capabilities = apply_filters('ure_full_capabilites', $this->full_capabilities);
1140
-
1141
- }
1142
- // end of init_full_capabilities()
1143
-
1144
-
1145
- /**
1146
- * return WordPress user roles to its initial state, just like after installation
1147
- * @global WP_Roles $wp_roles
1148
- */
1149
- protected function wp_roles_reinit() {
1150
- global $wp_roles, $wp_user_roles;
1151
-
1152
- $wp_user_roles = null;
1153
- $wp_roles->roles = array();
1154
- $wp_roles->role_objects = array();
1155
- $wp_roles->role_names = array();
1156
- $wp_roles->use_db = true;
1157
-
1158
- require_once(ABSPATH . '/wp-admin/includes/schema.php');
1159
- populate_roles();
1160
- $wp_roles = new WP_Roles();
1161
-
1162
- $this->roles = $this->get_user_roles();
1163
-
1164
- }
1165
- // end of wp_roles_reinit()
1166
-
1167
- /**
1168
- * reset user roles to WordPress default roles
1169
- */
1170
- public function reset_user_roles() {
1171
-
1172
- if (!current_user_can('ure_reset_roles')) {
1173
- esc_html_e('Insufficient permissions to work with User Role Editor','user-role-editor');
1174
- die;
1175
- }
1176
-
1177
- $this->wp_roles_reinit();
1178
- URE_Own_Capabilities::init_caps();
1179
- $this->get_apply_to_all_from_post();
1180
- if ($this->apply_to_all) {
1181
- $this->current_role = '';
1182
- $this->direct_network_roles_update();
1183
- }
1184
-
1185
- }
1186
- // end of reset_user_roles()
1187
-
1188
-
1189
- /**
1190
- * Make full synchronization of roles for all sites with roles from the main site directly updating database records
1191
- *
1192
- * @return boolean
1193
- */
1194
- public function is_full_network_synch() {
1195
-
1196
- $result = defined('URE_MULTISITE_DIRECT_UPDATE') && URE_MULTISITE_DIRECT_UPDATE == 1;
1197
-
1198
- return $result;
1199
- }
1200
- // end of is_full_network_synch()
1201
-
1202
-
1203
- protected function last_check_before_update() {
1204
-
1205
- if (empty($this->roles) || !is_array($this->roles) || count($this->roles)==0) { // Nothing to save - something goes wrong - stop ...
1206
- return false;
1207
- }
1208
-
1209
- $key_capability = URE_Own_Capabilities::get_key_capability();
1210
- if (current_user_can($key_capability)) { // current user is an URE admin
1211
- return true;
1212
- }
1213
-
1214
- if (!current_user_can('ure_edit_roles')) {
1215
- return false;
1216
- }
1217
-
1218
- $current_user = wp_get_current_user();
1219
- if (in_array($this->current_role, $current_user->roles)) {
1220
- // do not allow to non-admin user without full access to URE update his own role
1221
- return false;
1222
- }
1223
-
1224
-
1225
- return true;
1226
- }
1227
- // end of last_check_before_update()
1228
-
1229
-
1230
- // Save Roles to database
1231
- protected function save_roles() {
1232
- global $wpdb;
1233
-
1234
- if (!$this->last_check_before_update()) {
1235
- return false;
1236
- }
1237
- if (!isset($this->roles[$this->current_role])) {
1238
- return false;
1239
- }
1240
-
1241
- $this->capabilities_to_save = $this->remove_caps_not_allowed_for_single_admin($this->capabilities_to_save);
1242
- $this->roles[$this->current_role]['name'] = $this->current_role_name;
1243
- $this->roles[$this->current_role]['capabilities'] = $this->capabilities_to_save;
1244
- $option_name = $wpdb->prefix . 'user_roles';
1245
-
1246
- update_option($option_name, $this->roles);
1247
-
1248
- // save additional options for the current role
1249
- if (empty($this->role_additional_options)) {
1250
- $this->role_additional_options = URE_Role_Additional_Options::get_instance($this);
1251
- }
1252
- $this->role_additional_options->save($this->current_role);
1253
-
1254
- return true;
1255
- }
1256
- // end of save_roles()
1257
-
1258
-
1259
- /**
1260
- * Update roles for all network using direct database access - quicker in several times
1261
- * Execution speed is critical for large multi-site networks.
1262
- * @global wpdb $wpdb
1263
- * @return boolean
1264
- */
1265
- public function direct_network_roles_update() {
1266
- global $wpdb;
1267
-
1268
- if (!$this->last_check_before_update()) {
1269
- return false;
1270
- }
1271
- if (!empty($this->current_role)) {
1272
- $this->roles[$this->current_role]['name'] = $this->current_role_name;
1273
- $this->roles[$this->current_role]['capabilities'] = $this->capabilities_to_save;
1274
- }
1275
-
1276
- $serialized_roles = serialize($this->roles);
1277
- $blog_ids = $this->get_blog_ids();
1278
- foreach ($blog_ids as $blog_id) {
1279
- $prefix = $wpdb->get_blog_prefix($blog_id);
1280
- $options_table_name = $prefix . 'options';
1281
- $option_name = $prefix . 'user_roles';
1282
- $query = "update $options_table_name
1283
- set option_value='$serialized_roles'
1284
- where option_name='$option_name'
1285
- limit 1";
1286
- $wpdb->query($query);
1287
- if ($wpdb->last_error) {
1288
- return false;
1289
- }
1290
- // @TODO: save role additional options
1291
-
1292
- }
1293
-
1294
- return true;
1295
- }
1296
- // end of direct_network_roles_update()
1297
-
1298
-
1299
- public function restore_after_blog_switching($blog_id = 0) {
1300
-
1301
- if (!empty($blog_id)) {
1302
- switch_to_blog($blog_id);
1303
- }
1304
- // cleanup blog switching data
1305
- $GLOBALS['_wp_switched_stack'] = array();
1306
- $GLOBALS['switched'] = ! empty( $GLOBALS['_wp_switched_stack'] );
1307
- }
1308
- // end of restore_after_blog_switching()
1309
-
1310
-
1311
- protected function wp_api_network_roles_update() {
1312
- global $wpdb;
1313
-
1314
- $result = true;
1315
- $old_blog = $wpdb->blogid;
1316
- $blog_ids = $this->get_blog_ids();
1317
- foreach ($blog_ids as $blog_id) {
1318
- switch_to_blog($blog_id);
1319
- $this->roles = $this->get_user_roles();
1320
- if (!isset($this->roles[$this->current_role])) { // add new role to this blog
1321
- $this->roles[$this->current_role] = array('name' => $this->current_role_name, 'capabilities' => array('read' => true));
1322
- }
1323
- if (!$this->save_roles()) {
1324
- $result = false;
1325
- break;
1326
- }
1327
- }
1328
- $this->restore_after_blog_switching($old_blog);
1329
- $this->roles = $this->get_user_roles();
1330
-
1331
- return $result;
1332
- }
1333
- // end of wp_api_network_roles_update()
1334
-
1335
-
1336
- /**
1337
- * Update role for all network using WordPress API
1338
- *
1339
- * @return boolean
1340
- */
1341
- protected function multisite_update_roles() {
1342
-
1343
- if ($this->debug) {
1344
- $time_shot = microtime();
1345
- }
1346
-
1347
- if ($this->is_full_network_synch()) {
1348
- $result = $this->direct_network_roles_update();
1349
- } else {
1350
- $result = $this->wp_api_network_roles_update();
1351
- }
1352
-
1353
- if ($this->debug) {
1354
- echo '<div class="updated fade below-h2">Roles updated for ' . ( microtime() - $time_shot ) . ' milliseconds</div>';
1355
- }
1356
-
1357
- return $result;
1358
- }
1359
- // end of multisite_update_roles()
1360
-
1361
-
1362
- /**
1363
- * Process user request on update roles
1364
- *
1365
- * @global WP_Roles $wp_roles
1366
- * @return boolean
1367
- */
1368
- protected function update_roles() {
1369
- global $wp_roles;
1370
-
1371
- if ($this->multisite && $this->is_super_admin() && $this->apply_to_all) { // update Role for the all blogs/sites in the network (permitted to superadmin only)
1372
- if (!$this->multisite_update_roles()) {
1373
- return false;
1374
- }
1375
- } else {
1376
- if (!$this->save_roles()) {
1377
- return false;
1378
- }
1379
- }
1380
-
1381
- // refresh global $wp_roles
1382
- $wp_roles = new WP_Roles();
1383
-
1384
- return true;
1385
- }
1386
- // end of update_roles()
1387
-
1388
-
1389
- /**
1390
- * returns array without capabilities blocked for single site administrators
1391
- * @param array $capabilities
1392
- * @return array
1393
- */
1394
- protected function remove_caps_not_allowed_for_single_admin($capabilities) {
1395
-
1396
- foreach(array_keys($capabilities) as $cap) {
1397
- if ($this->block_cap_for_single_admin($cap)) {
1398
- unset($capabilities[$cap]);
1399
- }
1400
- }
1401
-
1402
- return $capabilities;
1403
- }
1404
- // end of remove_caps_not_allowed_for_single_admin()
1405
-
1406
-
1407
- /**
1408
- * process new role create request
1409
- *
1410
- * @global WP_Roles $wp_roles
1411
- *
1412
- * @return string - message about operation result
1413
- *
1414
- */
1415
- protected function add_new_role() {
1416
- global $wp_roles;
1417
-
1418
- if (!current_user_can('ure_create_roles')) {
1419
- return esc_html__('Insufficient permissions to work with User Role Editor','user-role-editor');
1420
- }
1421
- $mess = '';
1422
- $this->current_role = '';
1423
- if (isset($_POST['user_role_id']) && $_POST['user_role_id']) {
1424
- $user_role_id = utf8_decode($_POST['user_role_id']);
1425
- // sanitize user input for security
1426
- $valid_name = preg_match('/[A-Za-z0-9_\-]*/', $user_role_id, $match);
1427
- if (!$valid_name || ($valid_name && ($match[0] != $user_role_id))) { // some non-alphanumeric charactes found!
1428
- return esc_html__('Error: Role ID must contain latin characters, digits, hyphens or underscore only!', 'user-role-editor');
1429
- }
1430
- $numeric_name = preg_match('/[0-9]*/', $user_role_id, $match);
1431
- if ($numeric_name && ($match[0] == $user_role_id)) { // numeric name discovered
1432
- return esc_html__('Error: WordPress does not support numeric Role name (ID). Add latin characters to it.', 'user-role-editor');
1433
- }
1434
-
1435
- if ($user_role_id) {
1436
- $user_role_name = isset($_POST['user_role_name']) ? $_POST['user_role_name'] : false;
1437
- if (!empty($user_role_name)) {
1438
- $user_role_name = sanitize_text_field($user_role_name);
1439
- } else {
1440
- $user_role_name = $user_role_id; // as user role name is empty, use user role ID instead
1441
- }
1442
-
1443
- if (!isset($wp_roles)) {
1444
- $wp_roles = new WP_Roles();
1445
- }
1446
- if (isset($wp_roles->roles[$user_role_id])) {
1447
- return sprintf('Error! ' . esc_html__('Role %s exists already', 'user-role-editor'), $user_role_id);
1448
- }
1449
- $user_role_id = strtolower($user_role_id);
1450
- $this->current_role = $user_role_id;
1451
-
1452
- $user_role_copy_from = isset($_POST['user_role_copy_from']) ? $_POST['user_role_copy_from'] : false;
1453
- if (!empty($user_role_copy_from) && $user_role_copy_from != 'none' && $wp_roles->is_role($user_role_copy_from)) {
1454
- $role = $wp_roles->get_role($user_role_copy_from);
1455
- $capabilities = $this->remove_caps_not_allowed_for_single_admin($role->capabilities);
1456
- } else {
1457
- $capabilities = array('read' => true, 'level_0' => true);
1458
- }
1459
- // add new role to the roles array
1460
- $result = add_role($user_role_id, $user_role_name, $capabilities);
1461
- if (!isset($result) || empty($result)) {
1462
- $mess = 'Error! ' . esc_html__('Error is encountered during new role create operation', 'user-role-editor');
1463
- } else {
1464
- $mess = sprintf(esc_html__('Role %s is created successfully', 'user-role-editor'), $user_role_name);
1465
- }
1466
- }
1467
- }
1468
- return $mess;
1469
- }
1470
- // end of new_role_create()
1471
-
1472
-
1473
- /**
1474
- * process rename role request
1475
- *
1476
- * @global WP_Roles $wp_roles
1477
- *
1478
- * @return string - message about operation result
1479
- *
1480
- */
1481
- protected function rename_role() {
1482
- global $wp_roles;
1483
-
1484
- $mess = '';
1485
- $user_role_id = filter_input(INPUT_POST, 'user_role_id', FILTER_SANITIZE_STRING);
1486
- if (empty($user_role_id)) {
1487
- return esc_html__('Error: Role ID is empty!', 'user-role-editor');
1488
- }
1489
- $user_role_id = utf8_decode($user_role_id);
1490
- // sanitize user input for security
1491
- $match = array();
1492
- $valid_name = preg_match('/[A-Za-z0-9_\-]*/', $user_role_id, $match);
1493
- if (!$valid_name || ($valid_name && ($match[0] != $user_role_id))) { // some non-alphanumeric charactes found!
1494
- return esc_html__('Error: Role ID must contain latin characters, digits, hyphens or underscore only!', 'user-role-editor');
1495
- }
1496
- $numeric_name = preg_match('/[0-9]*/', $user_role_id, $match);
1497
- if ($numeric_name && ($match[0] == $user_role_id)) { // numeric name discovered
1498
- return esc_html__('Error: WordPress does not support numeric Role name (ID). Add latin characters to it.', 'user-role-editor');
1499
- }
1500
-
1501
- $new_role_name = filter_input(INPUT_POST, 'user_role_name', FILTER_SANITIZE_STRING);
1502
- if (!empty($new_role_name)) {
1503
- $new_role_name = sanitize_text_field($new_role_name);
1504
- } else {
1505
- return esc_html__('Error: Empty role display name is not allowed.', 'user-role-editor');
1506
- }
1507
-
1508
- if (!isset($wp_roles)) {
1509
- $wp_roles = new WP_Roles();
1510
- }
1511
- if (!isset($wp_roles->roles[$user_role_id])) {
1512
- return sprintf('Error! ' . esc_html__('Role %s does not exists', 'user-role-editor'), $user_role_id);
1513
- }
1514
- $this->current_role = $user_role_id;
1515
- $this->current_role_name = $new_role_name;
1516
-
1517
- $old_role_name = $wp_roles->roles[$user_role_id]['name'];
1518
- $wp_roles->roles[$user_role_id]['name'] = $new_role_name;
1519
- update_option( $wp_roles->role_key, $wp_roles->roles );
1520
- $mess = sprintf(esc_html__('Role %s is renamed to %s successfully', 'user-role-editor'), $old_role_name, $new_role_name);
1521
-
1522
- return $mess;
1523
- }
1524
- // end of rename_role()
1525
-
1526
 
1527
  /**
1528
- * Deletes user role from the WP database
1529
  */
1530
- protected function delete_wp_roles($roles_to_del) {
1531
- global $wp_roles;
1532
-
1533
- if (!current_user_can('ure_delete_roles')) {
1534
- return esc_html__('Insufficient permissions to work with User Role Editor','user-role-editor');
1535
- }
1536
- if (!isset($wp_roles)) {
1537
- $wp_roles = new WP_Roles();
1538
  }
1539
- $result = false;
1540
- foreach($roles_to_del as $role_id) {
1541
- if (!isset($wp_roles->roles[$role_id])) {
1542
- $result = false;
1543
- break;
1544
- }
1545
- if ($this->role_contains_caps_not_allowed_for_simple_admin($role_id)) { // do not delete
1546
- continue;
1547
  }
1548
- unset($wp_roles->role_objects[$role_id]);
1549
- unset($wp_roles->role_names[$role_id]);
1550
- unset($wp_roles->roles[$role_id]);
1551
- $result = true;
1552
- } // foreach()
1553
- if ($result) {
1554
- update_option($wp_roles->role_key, $wp_roles->roles);
1555
  }
1556
 
1557
- return $result;
1558
  }
1559
- // end of delete_wp_roles()
1560
 
1561
 
1562
- protected function delete_all_unused_roles() {
1563
 
1564
- $this->roles = $this->get_user_roles();
1565
- $roles_to_del = array_keys($this->get_roles_can_delete());
1566
- $result = $this->delete_wp_roles($roles_to_del);
1567
- $this->roles = null; // to force roles refresh
1568
 
1569
- return $result;
1570
- }
1571
- // end of delete_all_unused_roles()
1572
-
1573
 
1574
  /**
1575
- * Process user request for user role deletion
1576
- * @return string
 
 
1577
  */
1578
- protected function delete_role() {
1579
 
1580
- if (!current_user_can('ure_delete_roles')) {
1581
- return esc_html__('Insufficient permissions to work with User Role Editor','user-role-editor');
1582
- }
1583
- $mess = '';
1584
- if (isset($_POST['user_role_id']) && $_POST['user_role_id']) {
1585
- $role = $_POST['user_role_id'];
1586
- if ($role==-1) { // delete all unused roles
1587
- $result = $this->delete_all_unused_roles();
1588
- } else {
1589
- $result = $this->delete_wp_roles(array($role));
1590
- }
1591
- if (empty($result)) {
1592
- $mess = 'Error! ' . esc_html__('Error encountered during role delete operation', 'user-role-editor');
1593
- } elseif ($role==-1) {
1594
- $mess = sprintf(esc_html__('Unused roles are deleted successfully', 'user-role-editor'), $role);
1595
- } else {
1596
- $mess = sprintf(esc_html__('Role %s is deleted successfully', 'user-role-editor'), $role);
1597
- }
1598
- unset($_POST['user_role']);
1599
  }
1600
-
1601
- return $mess;
 
1602
  }
1603
- // end of ure_delete_role()
1604
 
1605
-
1606
- /**
1607
- * Change default WordPress role
 
1608
  * @global WP_Roles $wp_roles
1609
- * @return string
 
1610
  */
1611
- protected function change_default_role() {
1612
 
1613
- if (!$this->multisite || is_network_admin()) {
1614
- return 'Try to misuse the plugin functionality';
1615
- }
1616
-
1617
- $mess = '';
1618
- if (!isset($wp_roles)) {
1619
- $wp_roles = new WP_Roles();
1620
  $wp_roles = wp_roles();
1621
- }
1622
- if (!empty($_POST['user_role_id'])) {
1623
- $user_role_id = $_POST['user_role_id'];
1624
- unset($_POST['user_role_id']);
1625
- if (isset($wp_roles->role_objects[$user_role_id]) && $user_role_id !== 'administrator') {
1626
- update_option('default_role', $user_role_id);
1627
- $this->get_default_role();
1628
- if ($this->wp_default_role===$user_role_id) {
1629
- $mess = sprintf(esc_html__('Default role for new users is set to %s successfully', 'user-role-editor'), $wp_roles->role_names[$user_role_id]);
1630
- } else {
1631
- $mess = 'Error! ' . esc_html__('Error encountered during default role change operation', 'user-role-editor');
1632
- }
1633
- } elseif ($user_role_id === 'administrator') {
1634
- $mess = 'Error! ' . esc_html__('Can not set Administrator role as a default one', 'user-role-editor');
1635
- } else {
1636
- $mess = 'Error! ' . esc_html__('This role does not exist - ', 'user-role-editor') . esc_html($user_role_id);
1637
- }
1638
  }
1639
 
1640
- return $mess;
1641
  }
1642
- // end of change_default_role()
1643
 
1644
 
1645
  /**
1646
- * Not really used in the plugin - just storage for the translation strings
 
1647
  */
1648
- protected function translation_data() {
1649
- // for the translation purpose
1650
- if (false) {
1651
- // Standard WordPress roles
1652
- __('Editor', 'user-role-editor');
1653
- __('Author', 'user-role-editor');
1654
- __('Contributor', 'user-role-editor');
1655
- __('Subscriber', 'user-role-editor');
1656
- // Standard WordPress capabilities
1657
- __('Switch themes', 'user-role-editor');
1658
- __('Edit themes', 'user-role-editor');
1659
- __('Activate plugins', 'user-role-editor');
1660
- __('Edit plugins', 'user-role-editor');
1661
- __('Edit users', 'user-role-editor');
1662
- __('Edit files', 'user-role-editor');
1663
- __('Manage options', 'user-role-editor');
1664
- __('Moderate comments', 'user-role-editor');
1665
- __('Manage categories', 'user-role-editor');
1666
- __('Manage links', 'user-role-editor');
1667
- __('Upload files', 'user-role-editor');
1668
- __('Import', 'user-role-editor');
1669
- __('Unfiltered html', 'user-role-editor');
1670
- __('Edit posts', 'user-role-editor');
1671
- __('Edit others posts', 'user-role-editor');
1672
- __('Edit published posts', 'user-role-editor');
1673
- __('Publish posts', 'user-role-editor');
1674
- __('Edit pages', 'user-role-editor');
1675
- __('Read', 'user-role-editor');
1676
- __('Level 10', 'user-role-editor');
1677
- __('Level 9', 'user-role-editor');
1678
- __('Level 8', 'user-role-editor');
1679
- __('Level 7', 'user-role-editor');
1680
- __('Level 6', 'user-role-editor');
1681
- __('Level 5', 'user-role-editor');
1682
- __('Level 4', 'user-role-editor');
1683
- __('Level 3', 'user-role-editor');
1684
- __('Level 2', 'user-role-editor');
1685
- __('Level 1', 'user-role-editor');
1686
- __('Level 0', 'user-role-editor');
1687
- __('Edit others pages', 'user-role-editor');
1688
- __('Edit published pages', 'user-role-editor');
1689
- __('Publish pages', 'user-role-editor');
1690
- __('Delete pages', 'user-role-editor');
1691
- __('Delete others pages', 'user-role-editor');
1692
- __('Delete published pages', 'user-role-editor');
1693
- __('Delete posts', 'user-role-editor');
1694
- __('Delete others posts', 'user-role-editor');
1695
- __('Delete published posts', 'user-role-editor');
1696
- __('Delete private posts', 'user-role-editor');
1697
- __('Edit private posts', 'user-role-editor');
1698
- __('Read private posts', 'user-role-editor');
1699
- __('Delete private pages', 'user-role-editor');
1700
- __('Edit private pages', 'user-role-editor');
1701
- __('Read private pages', 'user-role-editor');
1702
- __('Delete users', 'user-role-editor');
1703
- __('Create users', 'user-role-editor');
1704
- __('Unfiltered upload', 'user-role-editor');
1705
- __('Edit dashboard', 'user-role-editor');
1706
- __('Update plugins', 'user-role-editor');
1707
- __('Delete plugins', 'user-role-editor');
1708
- __('Install plugins', 'user-role-editor');
1709
- __('Update themes', 'user-role-editor');
1710
- __('Install themes', 'user-role-editor');
1711
- __('Update core', 'user-role-editor');
1712
- __('List users', 'user-role-editor');
1713
- __('Remove users', 'user-role-editor');
1714
- __('Add users', 'user-role-editor');
1715
- __('Promote users', 'user-role-editor');
1716
- __('Edit theme options', 'user-role-editor');
1717
- __('Delete themes', 'user-role-editor');
1718
- __('Export', 'user-role-editor');
1719
  }
 
 
1720
  }
1721
- // end of translation_data()
1722
-
1723
 
1724
  /**
1725
- * placeholder - realized at the Pro version
 
 
1726
  */
1727
- protected function check_blog_user($user) {
1728
 
1729
- return true;
1730
- }
1731
- // end of check_blog_user()
1732
-
1733
- /**
1734
- * placeholder - realized at the Pro version
1735
- */
1736
- protected function network_update_user($user) {
1737
 
1738
- return true;
1739
  }
1740
- // end of network_update_user()
1741
-
1742
-
1743
  /**
1744
- * Update user roles and capabilities
1745
  *
1746
- * @global WP_Roles $wp_roles
1747
- * @param WP_User $user
1748
- * @return boolean
1749
  */
1750
- protected function update_user($user) {
1751
- global $wp_roles;
1752
-
1753
- if ($this->multisite) {
1754
- if (!$this->check_blog_user($user)) {
1755
- return false;
1756
- }
1757
- }
1758
-
1759
- $select_primary_role = apply_filters('ure_users_select_primary_role', true);
1760
- if ($select_primary_role || $this->is_super_admin()) {
1761
- $primary_role = $_POST['primary_role'];
1762
- if (empty($primary_role) || !isset($wp_roles->roles[$primary_role])) {
1763
- $primary_role = '';
1764
- }
1765
- } else {
1766
- if (!empty($user->roles)) {
1767
- $primary_role = $user->roles[0];
1768
- } else {
1769
- $primary_role = '';
1770
- }
1771
- }
1772
-
1773
- if (function_exists('bbp_filter_blog_editable_roles')) { // bbPress plugin is active
1774
- $bbp_user_role = bbp_get_user_role($user->ID);
1775
- } else {
1776
- $bbp_user_role = '';
1777
- }
1778
-
1779
- $edit_user_caps_mode = $this->get_edit_user_caps_mode();
1780
- if (!$edit_user_caps_mode) { // readonly mode
1781
- $this->capabilities_to_save = $user->caps;
1782
- }
1783
 
1784
- // revoke all roles and capabilities from this user
1785
- $user->roles = array();
1786
- $user->remove_all_caps();
1787
-
1788
- // restore primary role
1789
- if (!empty($primary_role)) {
1790
- $user->add_role($primary_role);
1791
- }
1792
-
1793
- // restore bbPress user role if she had one
1794
- if (!empty($bbp_user_role)) {
1795
- $user->add_role($bbp_user_role);
1796
- }
1797
-
1798
- // add other roles to user
1799
- foreach ($_POST as $key => $value) {
1800
- $result = preg_match('/^wp_role_(.+)/', $key, $match);
1801
- if ($result === 1) {
1802
- $role = $match[1];
1803
- if (isset($wp_roles->roles[$role])) {
1804
- $user->add_role($role);
1805
- if (!$edit_user_caps_mode && isset($this->capabilities_to_save[$role])) {
1806
- unset($this->capabilities_to_save[$role]);
1807
- }
1808
- }
1809
- }
1810
- }
1811
 
1812
- // add individual capabilities to user
1813
- if (count($this->capabilities_to_save) > 0) {
1814
- foreach ($this->capabilities_to_save as $key => $value) {
1815
- $user->add_cap($key);
1816
- }
1817
- }
1818
- $user->update_user_level_from_caps();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1819
 
1820
- do_action('ure_user_permissions_update', $user->ID, $user); // in order other plugins may hook to the user permissions update
 
1821
 
1822
- if ($this->apply_to_all) { // apply update to the all network
1823
- if (!$this->network_update_user($user)) {
1824
- return false;
1825
- }
1826
- }
1827
 
1828
- return true;
1829
  }
1830
- // end of update_user()
1831
 
1832
 
 
 
 
 
 
 
 
 
 
 
 
 
1833
  /**
1834
  * Returns administrator role ID
1835
  *
1836
  * @return string
1837
  */
1838
  public function get_admin_role() {
1839
-
1840
- if (isset($this->roles['administrator'])) {
 
1841
  $admin_role_id = 'administrator';
1842
  } else {
1843
  // go through all roles and select one with max quant of capabilities included
1844
  $max_caps = -1;
1845
  $admin_role_id = '';
1846
- foreach(array_keys($this->roles) as $role_id) {
1847
- $caps = count($this->roles[$role_id]['capabilities']);
1848
  if ($caps>$max_caps) {
1849
  $max_caps = $caps;
1850
  $admin_role_id = $role_id;
@@ -1912,20 +400,7 @@ class URE_Lib extends URE_Base_Lib {
1912
  <?php
1913
  }
1914
  // end of about()
1915
-
1916
-
1917
- protected function set_current_role() {
1918
- if (!isset($this->current_role) || !$this->current_role) {
1919
- if (isset($_REQUEST['user_role']) && $_REQUEST['user_role'] && isset($this->roles[$_REQUEST['user_role']])) {
1920
- $this->current_role = $_REQUEST['user_role'];
1921
- } else {
1922
- $this->current_role = $this->get_last_role_id();
1923
- }
1924
- $this->current_role_name = $this->roles[$this->current_role]['name'];
1925
- }
1926
- }
1927
- // end of set_current_role()
1928
-
1929
 
1930
  public function show_admin_role_allowed() {
1931
  $show_admin_role = $this->get_option('show_admin_role', 0);
@@ -1933,28 +408,7 @@ class URE_Lib extends URE_Base_Lib {
1933
 
1934
  return $show_admin_role;
1935
  }
1936
- // end of show_admin_role()
1937
-
1938
-
1939
- // returns true if editing user has $capability assigned through the roles or directly
1940
- // returns true if editing user has role with name equal $capability
1941
- public function user_can($capability) {
1942
-
1943
- if (isset($this->user_to_edit->caps[$capability])) {
1944
- return true;
1945
- }
1946
- foreach ($this->user_to_edit->roles as $role) {
1947
- if ($role===$capability) {
1948
- return true;
1949
- }
1950
- if (!empty($this->roles[$role]['capabilities'][$capability])) {
1951
- return true;
1952
- }
1953
- }
1954
-
1955
- return false;
1956
- }
1957
- // end of user_can()
1958
 
1959
 
1960
  /**
@@ -1962,7 +416,7 @@ class URE_Lib extends URE_Base_Lib {
1962
  * It takes into account $this->raised_permissions value, in order do not count a user with temporally raised permissions
1963
  * of a real superadmin under WP Multisite
1964
  * For WP Singlesite superadmin is a user with 'administrator' role only in opposite the WordPress's is_super_admin(),
1965
- * which counts any user with 'delete_users' capability as a superadmin.
1966
  *
1967
  * @param int $user_id
1968
  * @return boolean
@@ -1979,11 +433,11 @@ class URE_Lib extends URE_Base_Lib {
1979
  return false;
1980
  }
1981
 
1982
- if ($this->multisite && !$this->raised_permissions && is_super_admin($user_id)) {
1983
  return true;
1984
  }
1985
 
1986
- if (!$this->multisite && $this->user_has_capability($user, 'administrator')) {
1987
  return true;
1988
  }
1989
 
@@ -1992,7 +446,30 @@ class URE_Lib extends URE_Base_Lib {
1992
  // end of is_super_admin()
1993
 
1994
 
1995
- // Returns true for any capability if user is a real superadmin under multisite
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1996
  // Returns true if user has $capability assigned through the roles or directly
1997
  // Returns true if user has role with name equal $cap
1998
  public function user_has_capability($user, $cap) {
@@ -2001,7 +478,9 @@ class URE_Lib extends URE_Base_Lib {
2001
  if (!is_object($user) || !is_a( $user, 'WP_User') || empty($user->ID)) {
2002
  return false;
2003
  }
2004
- if ($this->multisite && !$this->raised_permissions && is_super_admin($user->ID)) { // do not replace with $this->is_super_admin() to exclude recursion
 
 
2005
  return true;
2006
  }
2007
 
@@ -2020,80 +499,6 @@ class URE_Lib extends URE_Base_Lib {
2020
  return false;
2021
  }
2022
  // end of user_has_capability()
2023
-
2024
-
2025
- public function show_other_default_roles() {
2026
- $other_default_roles = $this->get_option('other_default_roles', array());
2027
- foreach ($this->roles as $role_id => $role) {
2028
- if ( $role_id=='administrator' || $role_id==$this->wp_default_role ) {
2029
- continue;
2030
- }
2031
- if ( in_array($role_id, $other_default_roles) ) {
2032
- $checked = 'checked="checked"';
2033
- } else {
2034
- $checked = '';
2035
- }
2036
- echo '<label for="wp_role_' . $role_id .'"><input type="checkbox" id="wp_role_' . $role_id .
2037
- '" name="wp_role_' . $role_id . '" value="' . $role_id . '"' . $checked .' />&nbsp;' .
2038
- esc_html__($role['name'], 'user-role-editor') . '</label><br />';
2039
- }
2040
-
2041
- }
2042
- // end of show_other_default_roles()
2043
-
2044
-
2045
- public function get_current_role() {
2046
-
2047
- return $this->current_role;
2048
-
2049
- }
2050
- // end of get_current_role()
2051
-
2052
-
2053
- public function get_edit_user_caps_mode() {
2054
- if ($this->multisite && $this->is_super_admin()) {
2055
- return 1;
2056
- }
2057
-
2058
- $edit_user_caps = $this->get_option('edit_user_caps', 1);
2059
-
2060
- return $edit_user_caps;
2061
- }
2062
- // end of get_edit_user_caps_mode()
2063
-
2064
-
2065
- /**
2066
- * Returns comma separated string of capabilities directly (not through the roles) assigned to the user
2067
- *
2068
- * @global WP_Roles $wp_roles
2069
- * @param object $user
2070
- * @return string
2071
- */
2072
- public function get_edited_user_caps($user) {
2073
- global $wp_roles;
2074
-
2075
- $output = '';
2076
- foreach ($user->caps as $cap => $value) {
2077
- if (!$wp_roles->is_role($cap)) {
2078
- if ('' != $output) {
2079
- $output .= ', ';
2080
- }
2081
- $output .= $value ? $cap : sprintf(__('Denied: %s'), $cap);
2082
- }
2083
- }
2084
-
2085
- return $output;
2086
- }
2087
- // end of get_edited_user_caps()
2088
-
2089
-
2090
- public function is_user_profile_extention_allowed() {
2091
- // Check if we are not at the network admin center
2092
- $result = stripos($_SERVER['REQUEST_URI'], 'network/user-edit.php') == false;
2093
-
2094
- return $result;
2095
- }
2096
- // end of is_user_profile_extention_allowed()
2097
 
2098
 
2099
  // create assign_role object
@@ -2104,20 +509,7 @@ class URE_Lib extends URE_Base_Lib {
2104
  return $assign_role;
2105
  }
2106
  // end of get_assign_role()
2107
-
2108
-
2109
- public function get_ure_page_url() {
2110
- $page_url = URE_WP_ADMIN_URL . URE_PARENT . '?page=users-' . URE_PLUGIN_FILE;
2111
- $object = $this->get_request_var('object', 'get');
2112
- $user_id = (int) $this->get_request_var('user_id', 'get', 'int');
2113
- if ($object=='user' && $user_id>0) {
2114
- $page_url .= '&object=user&user_id='. $user_id;
2115
- }
2116
-
2117
- return $page_url;
2118
- }
2119
- // end of get_ure_page_url()
2120
-
2121
 
2122
  /**
2123
  * Compare if current URL path is equal to the required one
@@ -2148,6 +540,6 @@ class URE_Lib extends URE_Base_Lib {
2148
  return $roles;
2149
  }
2150
  // end of get_all_roles()
2151
-
2152
  }
2153
- // end of URE_Lib class
15
 
16
  const TRANSIENT_EXPIRATION = 600;
17
 
 
 
 
 
 
18
  protected $wp_default_role = '';
 
 
 
 
 
 
 
 
19
  protected $advert = null;
 
20
  protected $bbpress = null; // reference to the URE_bbPress class instance
21
  protected $key_capability = ''; // Key user capability for get full access to the User Role Editor
22
  protected $settings_capability = ''; // User capability for access to User Role Editor Settings
47
  // end of __construct()
48
 
49
 
50
+ public function get_bbpress() {
51
 
52
  if ($this->bbpress===null) {
53
  $this->bbpress = new URE_bbPress();
63
 
64
  if (self::$instance === null) {
65
  if (empty($options_id)) {
66
+ throw new Exception('URE_Lib::get_instance() - Error: plugin options ID string is required');
67
  }
68
  // new static() will work too
69
  self::$instance = new URE_Lib($options_id);
96
  * @return boolean
97
  */
98
  public function is_pro() {
99
+
100
  return false;
101
  }
102
  // end of is_pro()
103
+
104
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
105
  public function set_raised_permissions($value) {
106
 
107
  $this->raised_permissions = !empty($value) ? true : false;
140
  }
141
  }
142
 
143
+ }
144
+ // end of init_options()
145
+
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
146
 
147
  /**
148
+ * saves options array into WordPress database wp_options table
149
  */
150
+ public function flush_options() {
151
+ global $wpdb;
152
+
153
+ $current_blog = $wpdb->blogid;
154
+ if ($this->multisite && $current_blog!==$this->main_blog_id) {
155
+ if ($this->active_for_network) { // plugin is active for whole network, so get URE options from the main blog
156
+ switch_to_blog($this->main_blog_id); // in order to save URE options to the main blog
157
+ }
158
  }
159
+
160
+ update_option($this->options_id, $this->options);
161
+
162
+ if ($this->multisite && $current_blog!==$this->main_blog_id) {
163
+ if ($this->active_for_network) { // plugin is active for whole network, so return back to the current blog
164
+ restore_current_blog();
 
 
165
  }
 
 
 
 
 
 
 
166
  }
167
 
 
168
  }
169
+ // end of flush_options()
170
 
171
 
172
+ public function get_main_blog_id() {
173
 
174
+ return $this->main_blog_id;
 
 
 
175
 
176
+ }
177
+
 
 
178
 
179
  /**
180
+ * Checks if user is allowed to use User Role Editor
181
+ *
182
+ * @param int $user_id
183
+ * @return boolean true
184
  */
185
+ public function user_is_admin($user_id = false) {
186
 
187
+ $ure_key_capability = URE_Own_Capabilities::get_key_capability();
188
+ if (empty($user_id)) {
189
+ $user_id = get_current_user_id();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
190
  }
191
+ $result = user_can($user_id, $ure_key_capability);
192
+
193
+ return $result;
194
  }
195
+ // end of user_is_admin()
196
 
197
+
198
+ /**
199
+ * return array with WordPress user roles
200
+ *
201
  * @global WP_Roles $wp_roles
202
+ * @global type $wp_user_roles
203
+ * @return array
204
  */
205
+ public function get_user_roles() {
206
 
207
+ $bbpress = $this->get_bbpress();
208
+ if ($bbpress->is_active()) { // bbPress plugin is active
209
+ $roles = $bbpress->get_roles();
210
+ } else {
 
 
 
211
  $wp_roles = wp_roles();
212
+ $roles = $wp_roles->roles;
213
+ }
214
+
215
+ if (is_array($roles) && count($roles) > 0) {
216
+ asort($roles);
 
 
 
 
 
 
 
 
 
 
 
 
217
  }
218
 
219
+ return $roles;
220
  }
221
+ // end of get_user_roles()
222
 
223
 
224
  /**
225
+ * Respect 'editable_roles' filter, when needed
226
+ * @return array
227
  */
228
+ public function get_editable_user_roles($roles) {
229
+
230
+ if (empty($roles)) {
231
+ $roles = $this->get_user_roles();
232
+ }
233
+ $bbpress = $this->get_bbpress();
234
+ if ($bbpress->is_active()) {
235
+ remove_filter('editable_roles', 'bbp_filter_blog_editable_roles');
236
+ }
237
+ $roles = apply_filters('editable_roles', $roles);
238
+ if ($bbpress->is_active()) {
239
+ add_filter('editable_roles', 'bbp_filter_blog_editable_roles');
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
240
  }
241
+
242
+ return $roles;
243
  }
244
+ // end of get_editable_user_roles()
245
+
246
 
247
  /**
248
+ * return array of built-in WP capabilities (WP 3.1 wp-admin/includes/schema.php)
249
+ *
250
+ * @return array
251
  */
252
+ public function get_built_in_wp_caps() {
253
 
254
+ $caps_groups = URE_Capabilities_Groups_Manager::get_instance();
255
+ $caps = $caps_groups->get_built_in_wp_caps();
 
 
 
 
 
 
256
 
257
+ return $caps;
258
  }
259
+ // end of get_built_in_wp_caps()
260
+
261
+
262
  /**
263
+ * Return all available post types except non-public WordPress built-in post types
264
  *
265
+ * @return array
 
 
266
  */
267
+ public function _get_post_types() {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
268
 
269
+ $all_post_types = get_post_types();
270
+ $internal_post_types = get_post_types(array('public'=>false, '_builtin'=>true));
271
+ $post_types = array_diff($all_post_types, $internal_post_types);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
272
 
273
+ return $post_types;
274
+ }
275
+ // end of _get_post_types()
276
+
277
+
278
+ public function get_edit_post_capabilities() {
279
+ $capabilities = array(
280
+ 'create_posts',
281
+ 'edit_posts',
282
+ 'edit_published_posts',
283
+ 'edit_others_posts',
284
+ 'edit_private_posts',
285
+ 'publish_posts',
286
+ 'read_private_posts',
287
+ 'delete_posts',
288
+ 'delete_private_posts',
289
+ 'delete_published_posts',
290
+ 'delete_others_posts'
291
+ );
292
+
293
+ return $capabilities;
294
+ }
295
+ // end of get_edit_post_capabilities();
296
 
297
+
298
+ public function init_full_capabilities( $ure_object ) {
299
 
300
+ $capabilities = URE_Capabilities::get_instance();
301
+ $full_list = $capabilities->init_full_list( $ure_object );
 
 
 
302
 
303
+ return $full_list;
304
  }
305
+ // end of init_full_capabilities()
306
 
307
 
308
+ public function restore_after_blog_switching($blog_id = 0) {
309
+
310
+ if (!empty($blog_id)) {
311
+ switch_to_blog($blog_id);
312
+ }
313
+ // cleanup blog switching data
314
+ $GLOBALS['_wp_switched_stack'] = array();
315
+ $GLOBALS['switched'] = ! empty( $GLOBALS['_wp_switched_stack'] );
316
+ }
317
+ // end of restore_after_blog_switching()
318
+
319
+
320
  /**
321
  * Returns administrator role ID
322
  *
323
  * @return string
324
  */
325
  public function get_admin_role() {
326
+
327
+ $roles = $this->get_user_roles();
328
+ if (isset($roles['administrator'])) {
329
  $admin_role_id = 'administrator';
330
  } else {
331
  // go through all roles and select one with max quant of capabilities included
332
  $max_caps = -1;
333
  $admin_role_id = '';
334
+ foreach(array_keys($roles) as $role_id) {
335
+ $caps = count($roles[$role_id]['capabilities']);
336
  if ($caps>$max_caps) {
337
  $max_caps = $caps;
338
  $admin_role_id = $role_id;
400
  <?php
401
  }
402
  // end of about()
403
+
 
 
 
 
 
 
 
 
 
 
 
 
 
404
 
405
  public function show_admin_role_allowed() {
406
  $show_admin_role = $this->get_option('show_admin_role', 0);
408
 
409
  return $show_admin_role;
410
  }
411
+ // end of show_admin_role()
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
412
 
413
 
414
  /**
416
  * It takes into account $this->raised_permissions value, in order do not count a user with temporally raised permissions
417
  * of a real superadmin under WP Multisite
418
  * For WP Singlesite superadmin is a user with 'administrator' role only in opposite the WordPress's is_super_admin(),
419
+ * which counts as superadmin any user with 'delete_users' capability
420
  *
421
  * @param int $user_id
422
  * @return boolean
433
  return false;
434
  }
435
 
436
+ if ( $this->multisite && !$this->raised_permissions && is_super_admin( $user_id ) ) {
437
  return true;
438
  }
439
 
440
+ if (!$this->multisite && $this->user_has_role( $user, 'administrator' ) ) {
441
  return true;
442
  }
443
 
446
  // end of is_super_admin()
447
 
448
 
449
+ public function user_has_role( $user, $role) {
450
+
451
+ if (empty($user)) {
452
+ return false;
453
+ }
454
+
455
+ if (!is_a($user, 'WP_User')) {
456
+ return false;
457
+ }
458
+
459
+ if (empty($user->roles)) {
460
+ return false;
461
+ }
462
+
463
+ if (!in_array( $role, $user->roles ) ) {
464
+ return false;
465
+ }
466
+
467
+ return true;
468
+ }
469
+ // end of user_has_role()
470
+
471
+
472
+ // Returns true for any capability if user is a real superadmin under WordPress Multisite
473
  // Returns true if user has $capability assigned through the roles or directly
474
  // Returns true if user has role with name equal $cap
475
  public function user_has_capability($user, $cap) {
478
  if (!is_object($user) || !is_a( $user, 'WP_User') || empty($user->ID)) {
479
  return false;
480
  }
481
+
482
+ // Do not replace with $this->is_super_admin() to exclude recursion
483
+ if ($this->multisite && !$this->raised_permissions && is_super_admin($user->ID)) {
484
  return true;
485
  }
486
 
499
  return false;
500
  }
501
  // end of user_has_capability()
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
502
 
503
 
504
  // create assign_role object
509
  return $assign_role;
510
  }
511
  // end of get_assign_role()
512
+
 
 
 
 
 
 
 
 
 
 
 
 
 
513
 
514
  /**
515
  * Compare if current URL path is equal to the required one
540
  return $roles;
541
  }
542
  // end of get_all_roles()
543
+
544
  }
545
+ // end of URE_Lib class
includes/classes/role-view.php CHANGED
@@ -9,7 +9,6 @@
9
  **/
10
  class URE_Role_View extends URE_View {
11
 
12
- private $lib = null;
13
  public $role_default_html = '';
14
  private $role_to_copy_html = '';
15
  private $role_select_html = '';
@@ -19,8 +18,9 @@ class URE_Role_View extends URE_View {
19
  public function __construct() {
20
 
21
  parent::__construct();
22
- $this->lib = URE_Lib::get_instance();
23
- $this->caps_to_remove = $this->lib->get_caps_to_remove();
 
24
 
25
  }
26
  // end of __construct()
@@ -28,7 +28,7 @@ class URE_Role_View extends URE_View {
28
 
29
  public function role_default_prepare_html($select_width=200) {
30
 
31
- $roles = $this->lib->get('roles');
32
  if (!isset($roles) || !$roles) {
33
  // get roles data from database
34
  $roles = $this->lib->get_user_roles();
@@ -41,7 +41,7 @@ class URE_Role_View extends URE_View {
41
  } else {
42
  $select_style = '';
43
  }
44
- $wp_default_role = $this->lib->get('wp_default_role');
45
  $this->role_default_html = '<select id="default_user_role" name="default_user_role" '. $select_style .'>';
46
  foreach ($roles as $key => $value) {
47
  $selected = selected($key, $wp_default_role, false);
@@ -73,8 +73,9 @@ class URE_Role_View extends URE_View {
73
  $this->role_to_copy_html = '<select id="user_role_copy_from" name="user_role_copy_from" style="width: '. $select_width .'px">
74
  <option value="none" selected="selected">' . esc_html__('None', 'user-role-editor') . '</option>';
75
  $this->role_select_html = '<select id="user_role" name="user_role" onchange="ure_role_change(this.value);">';
76
- $current_role = $this->lib->get('current_role');
77
- $roles = $this->lib->get_editable_user_roles();
 
78
  foreach ($roles as $key => $value) {
79
  if ($key===$role_to_skip) { // skip role of current user if he does not have full access to URE
80
  continue;
@@ -98,8 +99,9 @@ class URE_Role_View extends URE_View {
98
 
99
 
100
  private function role_delete_prepare_html() {
101
- $roles_can_delete = $this->lib->get_roles_can_delete();
102
- if ($roles_can_delete && count($roles_can_delete) > 0) {
 
103
  $this->role_delete_html = '<select id="del_user_role" name="del_user_role" width="200" style="width: 200px">';
104
  foreach ($roles_can_delete as $key => $value) {
105
  $this->role_delete_html .= '<option value="' . $key . '">' . esc_html__($value, 'user-role-editor') . '</option>';
@@ -109,6 +111,7 @@ class URE_Role_View extends URE_View {
109
  } else {
110
  $this->role_delete_html = '';
111
  }
 
112
  }
113
  // end of role_delete_prepare_html()
114
 
@@ -121,10 +124,9 @@ class URE_Role_View extends URE_View {
121
  public static function caps_to_remove_html() {
122
  global $wp_roles;
123
 
124
- $lib = URE_Lib::get_instance();
125
- $caps_to_remove = $lib->get_caps_to_remove();
126
-
127
- if (empty($caps_to_remove) || !is_array($caps_to_remove) && count($caps_to_remove)==0) {
128
  return '';
129
  }
130
 
@@ -191,8 +193,8 @@ class URE_Role_View extends URE_View {
191
 
192
  public function display_edit_dialogs() {
193
  $multisite = $this->lib->get('multisite');
194
- $current_role = $this->lib->get('current_role');
195
- $current_role_name = $this->lib->get('current_role_name');
196
  ?>
197
  <script language="javascript" type="text/javascript">
198
 
@@ -351,7 +353,7 @@ if ($multisite && !is_network_admin()) {
351
  ?>
352
  <div id="ure_editor_options">
353
  <?php
354
- $caps_readable = $this->lib->get('caps_readable');
355
  if ($caps_readable) {
356
  $checked = 'checked="checked"';
357
  } else {
@@ -363,7 +365,7 @@ if ($multisite && !is_network_admin()) {
363
  <input type="checkbox" name="ure_caps_readable" id="ure_caps_readable" value="1" <?php echo $checked; ?> onclick="ure_turn_caps_readable(0);"/>
364
  <label for="ure_caps_readable"><?php esc_html_e('Show capabilities in human readable form', 'user-role-editor'); ?></label>&nbsp;&nbsp;
365
  <?php
366
- $show_deprecated_caps = $this->lib->get('show_deprecated_caps');
367
  if ($show_deprecated_caps) {
368
  $checked = 'checked="checked"';
369
  } else {
@@ -376,7 +378,7 @@ if ($multisite && !is_network_admin()) {
376
  }
377
  if ($multisite && $active_for_network && !is_network_admin() && is_main_site(get_current_blog_id()) && $this->lib->is_super_admin()) {
378
  $hint = esc_html__('If checked, then apply action to ALL sites of this Network');
379
- $apply_to_all = $this->lib->get('apply_to_all');
380
  if ($apply_to_all) {
381
  $checked = 'checked="checked"';
382
  $fontColor = 'color:#FF0000;';
@@ -411,8 +413,8 @@ if ($multisite && !is_network_admin()) {
411
  <?php
412
  $this->display_options();
413
  $this->display_caps();
414
- $ao = $this->lib->get('role_additional_options');
415
- $current_role = $this->lib->get('current_role');
416
  $ao->show($current_role);
417
  ?>
418
  <input type="hidden" name="object" value="role" />
9
  **/
10
  class URE_Role_View extends URE_View {
11
 
 
12
  public $role_default_html = '';
13
  private $role_to_copy_html = '';
14
  private $role_select_html = '';
18
  public function __construct() {
19
 
20
  parent::__construct();
21
+
22
+ $capabilities = URE_Capabilities::get_instance();
23
+ $this->caps_to_remove = $capabilities->get_caps_to_remove();
24
 
25
  }
26
  // end of __construct()
28
 
29
  public function role_default_prepare_html($select_width=200) {
30
 
31
+ $roles = $this->editor->get('roles');
32
  if (!isset($roles) || !$roles) {
33
  // get roles data from database
34
  $roles = $this->lib->get_user_roles();
41
  } else {
42
  $select_style = '';
43
  }
44
+ $wp_default_role = get_option( 'default_role' );
45
  $this->role_default_html = '<select id="default_user_role" name="default_user_role" '. $select_style .'>';
46
  foreach ($roles as $key => $value) {
47
  $selected = selected($key, $wp_default_role, false);
73
  $this->role_to_copy_html = '<select id="user_role_copy_from" name="user_role_copy_from" style="width: '. $select_width .'px">
74
  <option value="none" selected="selected">' . esc_html__('None', 'user-role-editor') . '</option>';
75
  $this->role_select_html = '<select id="user_role" name="user_role" onchange="ure_role_change(this.value);">';
76
+ $current_role = $this->editor->get('current_role');
77
+ $all_roles = $this->editor->get('roles');
78
+ $roles = $this->lib->get_editable_user_roles($all_roles);
79
  foreach ($roles as $key => $value) {
80
  if ($key===$role_to_skip) { // skip role of current user if he does not have full access to URE
81
  continue;
99
 
100
 
101
  private function role_delete_prepare_html() {
102
+
103
+ $roles_can_delete = $this->editor->get_roles_can_delete();
104
+ if ( is_array( $roles_can_delete ) && count( $roles_can_delete ) > 0) {
105
  $this->role_delete_html = '<select id="del_user_role" name="del_user_role" width="200" style="width: 200px">';
106
  foreach ($roles_can_delete as $key => $value) {
107
  $this->role_delete_html .= '<option value="' . $key . '">' . esc_html__($value, 'user-role-editor') . '</option>';
111
  } else {
112
  $this->role_delete_html = '';
113
  }
114
+
115
  }
116
  // end of role_delete_prepare_html()
117
 
124
  public static function caps_to_remove_html() {
125
  global $wp_roles;
126
 
127
+ $capabilities = URE_Capabilities::get_instance();
128
+ $caps_to_remove = $capabilities->get_caps_to_remove();
129
+ if ( empty( $caps_to_remove ) || !is_array( $caps_to_remove ) && count( $caps_to_remove )===0 ) {
 
130
  return '';
131
  }
132
 
193
 
194
  public function display_edit_dialogs() {
195
  $multisite = $this->lib->get('multisite');
196
+ $current_role = $this->editor->get('current_role');
197
+ $current_role_name = $this->editor->get('current_role_name');
198
  ?>
199
  <script language="javascript" type="text/javascript">
200
 
353
  ?>
354
  <div id="ure_editor_options">
355
  <?php
356
+ $caps_readable = $this->editor->get('caps_readable');
357
  if ($caps_readable) {
358
  $checked = 'checked="checked"';
359
  } else {
365
  <input type="checkbox" name="ure_caps_readable" id="ure_caps_readable" value="1" <?php echo $checked; ?> onclick="ure_turn_caps_readable(0);"/>
366
  <label for="ure_caps_readable"><?php esc_html_e('Show capabilities in human readable form', 'user-role-editor'); ?></label>&nbsp;&nbsp;
367
  <?php
368
+ $show_deprecated_caps = $this->editor->get('show_deprecated_caps');
369
  if ($show_deprecated_caps) {
370
  $checked = 'checked="checked"';
371
  } else {
378
  }
379
  if ($multisite && $active_for_network && !is_network_admin() && is_main_site(get_current_blog_id()) && $this->lib->is_super_admin()) {
380
  $hint = esc_html__('If checked, then apply action to ALL sites of this Network');
381
+ $apply_to_all = $this->editor->get('apply_to_all');
382
  if ($apply_to_all) {
383
  $checked = 'checked="checked"';
384
  $fontColor = 'color:#FF0000;';
413
  <?php
414
  $this->display_options();
415
  $this->display_caps();
416
+ $ao = $this->editor->get('role_additional_options');
417
+ $current_role = $this->editor->get('current_role');
418
  $ao->show($current_role);
419
  ?>
420
  <input type="hidden" name="object" value="role" />
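--- a/includes/classes/settings.php
+++ b/includes/classes/settings.php
@@ -18,7 +18,7 @@ class URE_Settings {
  'ure_addons_settings_update',
  'ure_settings_ms_update',
  'ure_default_roles_update',
- 'ure_reset_roles_exec');
+ 'ure_settings_tools_exec');
  foreach($update_buttons as $update_button) {
  if (!isset($_POST[$update_button])) {
  continue;
@@ -142,16 +142,20 @@ class URE_Settings {
  }
  // end of update_multisite_options()
 
-
- protected static function reset_roles() {
+
+ protected static function tools_exec() {
 
  $lib = URE_Lib::get_instance();
- $lib->reset_user_roles();
- $lib->put_option('other_default_roles', array(), true);
- $lib->show_message(esc_html__('Tools: Reset: User Roles were initialized', 'user-role-editor'));
+ $roles_reset = $lib->get_request_var( 'ure_reset_roles_exec', 'post', 'int');
+ if ( $roles_reset==1 ) {
+ URE_Tools::reset_roles();
+ } else {
+ do_action( 'ure_settings_tools_exec' );
+ }
+
  }
- // end of reset_roles()
-
+ //end of tools_exec()
+
 
  private static function controller() {
 
@@ -169,8 +173,8 @@ class URE_Settings {
  case 'ure_default_roles_update':
  self::update_default_roles();
  break;
- case 'ure_reset_roles_exec':
- self::reset_roles();
+ case 'ure_settings_tools_exec':
+ self::tools_exec();
  break;
  case 'show':
  default:
@@ -181,6 +185,49 @@ class URE_Settings {
  // end of controller()
 
 
+ public static function show_other_default_roles() {
+
+ $lib = URE_Lib::get_instance();
+ $other_default_roles = $lib->get_option('other_default_roles', array());
+ $roles = $lib->get_user_roles();
+ $wp_default_role = get_option('default_role');
+ foreach ($roles as $role_id => $role) {
+ if ( $role_id=='administrator' || $role_id==$wp_default_role ) {
+ continue;
+ }
+ if ( in_array( $role_id, $other_default_roles ) ) {
+ $checked = 'checked="checked"';
+ } else {
+ $checked = '';
+ }
+ echo '<label for="wp_role_' . $role_id .'"><input type="checkbox" id="wp_role_' . $role_id .
+ '" name="wp_role_' . $role_id . '" value="' . $role_id . '"' . $checked .' />&nbsp;' .
+ esc_html__( $role['name'], 'user-role-editor' ) . '</label><br />';
+ }
+
+ }
+ // end of show_other_default_roles()
+
+
+
+ public static function get_settings_link() {
+
+ $lib = URE_Lib::get_instance();
+ $multisite = $lib->get('multisite');
+
+ if ($multisite && is_network_admin()) {
+ $link = 'settings.php';
+ } else {
+ $link = 'options-general.php';
+ }
+
+ return $link;
+
+ }
+ // end of get_settings_link();
+
+
+
  public static function show() {
 
  $lib = URE_Lib::get_instance();
@@ -203,7 +250,6 @@ class URE_Settings {
  $count_users_without_role = $lib->get_option('count_users_without_role', 0);
  }
 
- $lib->get_default_role();
  $view = new URE_Role_View();
  $view->role_default_prepare_html(0);
 
@@ -211,12 +257,7 @@ class URE_Settings {
 
  do_action('ure_settings_load');
 
- if ($multisite && is_network_admin()) {
- $link = 'settings.php';
- } else {
- $link = 'options-general.php';
- }
-
+ $link = self::get_settings_link();
  $active_for_network = $lib->get('active_for_network');
  $license_key_only = $multisite && is_network_admin() && !$active_for_network;
 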
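Review bot: In the added `show_other_default_roles()`, `$role_id` is concatenated into the `for`, `id`, `name` and `value` attributes without escaping, while only the label text goes through `esc_html__()`. Role ids come from stored role data via `$lib->get_user_roles()`, so the attribute context should be escaped too, e.g. `$role_attr = esc_attr( $role_id );` used in all four places. The same `echo` emits `'"' . $checked` with no separating space, which produces `value="..."checked="checked"`; `'" ' . $checked` keeps the markup well-formed. A one-line docblock stating that the method prints directly (rather than returning HTML) would also help callers in the settings template.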
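--- a/includes/classes/tools.php
+++ b/includes/classes/tools.php
@@ -1,33 +1,20 @@
  <?php
 
  class URE_Tools {
- private $lib;
- private $multisite = null;
- private $link = null;
-
- public function __construct() {
-
- $this->lib = URE_Lib::get_instance();
- $this->multisite = $this->lib->get('multisite');
-
- if ($this->multisite && is_network_admin()) {
- $this->link = 'settings.php';
- } else {
- $this->link = 'options-general.php';
- }
-
- }
- // end of __construct()
-
+
 
- public function show_reset($tab_idx) {
+ private static function show_reset_roles( $tab_idx ) {
+
+ $lib = URE_Lib::get_instance();
+ $multisite = $lib->get('multisite');
+ $link = URE_Settings::get_settings_link();
 
- if (!$this->multisite || (is_main_site(get_current_blog_id()) || (is_network_admin() && $this->lib->is_super_admin()))) {
- if (current_user_can('ure_reset_roles')) {
+ if (!$multisite || (is_main_site( get_current_blog_id() ) || ( is_network_admin() && $lib->is_super_admin() ) ) ) {
+ if ( current_user_can( 'ure_reset_roles' ) ) {
  ?>
 
  <div style="margin: 10px 0 10px 0; border: 1px solid red; padding: 0 10px 10px 10px; text-align:left;">
- <form name="ure_reset_roles_form" id="ure_reset_roles_form" method="post" action="<?php echo $this->link; ?>?page=settings-<?php echo URE_PLUGIN_FILE; ?>" >
+ <form name="ure_reset_roles_form" id="ure_reset_roles_form" method="post" action="<?php echo $link; ?>?page=settings-<?php echo URE_PLUGIN_FILE; ?>" >
  <h3>Reset User Roles</h3>
  <span style="color: red;"><?php esc_html_e('WARNING!', 'user-role-editor');?></span>&nbsp;
  <?php
@@ -36,19 +23,19 @@ class URE_Tools {
  esc_html_e('For more information on how to undo undesired changes and restore plugins capabilities in case you lost them by mistake go to: ', 'user-role-editor');
  echo '<a href="http://role-editor.com/how-to-restore-deleted-wordpress-user-roles/">http://role-editor.com/how-to-restore-deleted-wordpress-user-roles/</a>';
 
- if ($this->multisite) {
-
+ if ( $multisite ) {
  ?>
  <br><br>
  <input type="checkbox" name="ure_apply_to_all" id="ure_apply_to_all" value="1" />
  <label for="ure_apply_to_all"><?php esc_html_e('Apply to All Sites', 'user-role-editor'); ?></label>
  (<?php esc_html_e('If checked, then apply action to ALL sites. Main site only is affected in other case.', 'user-role-editor'); ?>)
  <?php
- }
+ }
  ?>
  <br><br>
  <button id="ure_reset_roles_button" style="width: 100px; color: red;" title="<?php esc_html_e('Reset Roles to its original state', 'user-role-editor'); ?>"><?php esc_html_e('Reset', 'user-role-editor');?></button>
  <?php wp_nonce_field('user-role-editor'); ?>
+ <input type="hidden" name="ure_settings_tools_exec" value="1" />
  <input type="hidden" name="ure_reset_roles_exec" value="1" />
  <input type="hidden" name="ure_tab_idx" value="<?php echo $tab_idx; ?>" />
  </form>
@@ -61,11 +48,31 @@ class URE_Tools {
  // end of show_reset()
 
 
- public function show($tab_idx) {
+ public static function reset_roles() {
+
+ $editor = URE_Editor::get_instance();
+ if ( !$editor->reset_user_roles() ) {
+ return;
+ }
+
+ $lib = URE_Lib::get_instance();
+ $lib->put_option( 'other_default_roles', array(), true );
+ $lib->show_message( esc_html__('Tools: Reset: User Roles were initialized', 'user-role-editor') );
+
+ }
+ // end of reset_roles()
 
- $this->show_reset($tab_idx);
+
+ public static function show( $tab_idx ) {
+
+ do_action( 'ure_settings_tools_show', $tab_idx );
+
+ // Placed here, after all tools which may be added above, as a very rare needed functionality
+ self::show_reset_roles( $tab_idx );
+
  }
  // end of show()
 
+
  }
  // end of URE_Tools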
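Review bot: The new `public static function reset_roles()` has no capability check of its own; in this section `current_user_can( 'ure_reset_roles' )` only guards rendering of the form inside `show_reset_roles()`. Unless `URE_Editor::reset_user_roles()` (not shown here) enforces it, the method should start with `if ( !current_user_can( 'ure_reset_roles' ) ) { return; }` so the destructive action is authorized where it executes rather than where its button is drawn. The nonce written by `wp_nonce_field('user-role-editor')` is likewise verified somewhere outside these hunks; a short docblock on `reset_roles()` naming the caller that performs that verification would make the contract explicit. In the form itself, the hidden field would be safer as `value="<?php echo esc_attr( $tab_idx ); ?>"`.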
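--- a/includes/classes/user-other-roles.php
+++ b/includes/classes/user-other-roles.php
@@ -163,10 +163,36 @@ class URE_User_Other_Roles {
  // end of roles_select()
 
 
+ /**
+ * Returns comma separated string of capabilities directly (not through the roles) assigned to the user
+ *
+ * @global WP_Roles $wp_roles
+ * @param object $user
+ * @return string
+ */
+ private function get_user_caps_str( $user ) {
+ global $wp_roles;
+
+ $output = '';
+ foreach ($user->caps as $cap => $value) {
+ if (!$wp_roles->is_role($cap)) {
+ if ('' != $output) {
+ $output .= ', ';
+ }
+ $output .= $value ? $cap : sprintf(__('Denied: %s'), $cap);
+ }
+ }
+
+ return $output;
+ }
+ // end of get_user_caps_str()
+
+
+
  private function user_profile_capabilities($user) {
 
  $current_user_id = get_current_user_id();
- $user_caps = $this->lib->get_edited_user_caps($user);
+ $user_caps = $this->get_user_caps_str($user);
  ?>
  <tr>
  <th>
@@ -210,6 +236,15 @@ class URE_User_Other_Roles {
  // end of display()
 
 
+ private function is_user_profile_extention_allowed() {
+ // Check if we are not at the network admin center
+ $result = stripos($_SERVER['REQUEST_URI'], 'network/user-edit.php') == false;
+
+ return $result;
+ }
+ // end of is_user_profile_extention_allowed()
+
+
  /**
  * Add URE stuff to the edit user profile page
  *
@@ -218,7 +253,7 @@ class URE_User_Other_Roles {
  */
  public function edit_user_profile_html($user) {
 
- if (!$this->lib->is_user_profile_extention_allowed()) {
+ if (!$this->is_user_profile_extention_allowed()) {
  return;
  }
  $show = apply_filters('ure_show_additional_capabilities_section', true);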
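Review bot: `is_user_profile_extention_allowed()` compares the `stripos()` result with `== false`, which also treats a match at offset 0 as "not found"; the comparison should be `stripos( $_SERVER['REQUEST_URI'], 'network/user-edit.php' ) === false`. The check matches the substring anywhere in the raw request URI, query string included, so the result can differ from the screen actually being rendered; `is_network_admin()` is probably the more reliable signal, provided it is already set when this hook runs. In `get_user_caps_str()` the returned capability names are plain stored strings, so the docblock should say the result is unescaped and must pass through `esc_html()` where `user_profile_capabilities()` prints it (that output lies outside this hunk).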
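--- a/includes/classes/user-role-editor.php
+++ b/includes/classes/user-role-editor.php
@@ -641,17 +641,43 @@ class User_Role_Editor {
  wp_die(esc_html__('Insufficient permissions to work with User Role Editor', 'user-role-editor'));
  }
 
- $this->lib->editor();
+ $editor = URE_Editor::get_instance();
+ $editor->show();
  }
  // end of edit_roles()
 
+
+ /**
+ * Create backup record for the WordPress user roles
+ * Run once on URE activation
+ *
+ * @global wpdb $wpdb
+ * @global WP_Roles $wp_roles
+ * @return type
+ */
+ protected function backup_wp_roles() {
+ global $wpdb;
+
+ $site_id = get_current_blog_id();
+ $backup_roles_key = $wpdb->get_blog_prefix($site_id) .'backup_user_roles';
+ // check if backup user roles record exists already
+ $result = get_option($backup_roles_key, false);
+ if (!empty($result)) {
+ return;
+ }
+
+ $wp_roles = wp_roles();
+ update_option($backup_roles_key, $wp_roles->roles, false);
+
+ }
+ // end of backup_wp_roles()
 
  /**
  * execute on plugin activation
  */
  function setup() {
 
- $this->lib->backup_wp_roles();
+ $this->backup_wp_roles();
  URE_Own_Capabilities::init_caps();
 
  $task_queue = URE_Task_Queue::get_instance();
@@ -661,10 +687,32 @@ class User_Role_Editor {
  // end of setup()
 
 
+ protected function get_ure_page_url() {
+
+ $page_url = URE_WP_ADMIN_URL . URE_PARENT . '?page=users-' . URE_PLUGIN_FILE;
+ $object = $this->lib->get_request_var('object', 'get');
+ $user_id = (int) $this->lib->get_request_var('user_id', 'get', 'int');
+ if ($object=='user' && $user_id>0) {
+ $page_url .= '&object=user&user_id='. $user_id;
+ }
+
+ return $page_url;
+ }
+ // end of get_ure_page_url()
+
+
  protected function load_main_page_js() {
 
  $confirm_role_update = $this->lib->get_option('ure_confirm_role_update', 1);
- $page_url = $this->lib->get_ure_page_url();
+ $page_url = $this->get_ure_page_url();
+
+ $multisite = $this->lib->get('multisite');
+ if ( !( $multisite && $this->lib->is_super_admin() ) ) {
+ $do_not_revoke_from_admin = true;
+ } else {
+ // do not limit SuperAdmin for multi-site
+ $do_not_revoke_from_admin = false;
+ }
 
  wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core', 'jquery-ui-button', 'jquery'));
  wp_enqueue_script('jquery-ui-selectable', '', array('jquery-ui-core', 'jquery'));
@@ -675,6 +723,7 @@ class User_Role_Editor {
  'network_admin' => is_network_admin() ? 1 : 0,
  'page_url' => $page_url,
  'is_multisite' => is_multisite() ? 1 : 0,
+ 'do_not_revoke_from_admin' => $do_not_revoke_from_admin ? 1 : 0,
  'confirm_role_update' => $confirm_role_update ? 1 : 0,
  'confirm_title' => esc_html__('Confirm', 'user-role-editor'),
  'yes_label' => esc_html__('Yes', 'user-role-editor'),
@@ -710,7 +759,7 @@ class User_Role_Editor {
 
  protected function load_settings_js() {
 
- $page_url = $this->lib->get_ure_page_url();
+ $page_url = $this->get_ure_page_url();
 
  wp_enqueue_script('jquery-ui-tabs', '', array('jquery-ui-core', 'jquery'));
  wp_enqueue_script('jquery-ui-dialog', '', array('jquery-ui-core', 'jquery'));
@@ -762,7 +811,7 @@ class User_Role_Editor {
 
  public function ure_ajax() {
 
- $ajax_processor = new URE_Ajax_Processor($this->lib);
+ $ajax_processor = new URE_Ajax_Processor();
  $ajax_processor->dispatch();
 
  }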
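Review bot: The `do_not_revoke_from_admin` value added to the localized script data in `load_main_page_js()` is a browser-side hint only, so it constrains nothing for a request that does not go through this script. The save path is not part of this section (presumably it lives in `URE_Editor`), so confirm that the same `!( $multisite && $this->lib->is_super_admin() )` condition is enforced there before capabilities are written for `'administrator'`. I would record that next to the flag: `// UI hint only; revocation from 'administrator' must also be rejected server-side on save`. In the `backup_wp_roles()` docblock, `@return type` is a template leftover and `@global WP_Roles $wp_roles` no longer applies since the method calls `wp_roles()`; `@return void` with the `@global` line dropped matches the code.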
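--- a/includes/classes/user-view.php
+++ b/includes/classes/user-view.php
@@ -9,15 +9,13 @@
  **/
  class URE_User_View extends URE_View {
 
- private $lib = null;
  private $user_to_edit = null;
 
 
  public function __construct() {
 
  parent::__construct();
- $this->lib = URE_Lib::get_instance();
- $this->user_to_edit = $this->lib->get('user_to_edit');
+ $this->user_to_edit = $this->editor->get('user_to_edit');
 
  }
  // end of __construct()
@@ -107,10 +105,10 @@ class URE_User_View extends URE_View {
  $show_admin_role = $this->lib->show_admin_role_allowed();
  $values = array_values($this->user_to_edit->roles);
  $primary_role = array_shift($values); // get 1st element from roles array
- $roles = $this->lib->get('roles');
+ $roles = $this->editor->get('roles');
  foreach ($roles as $role_id => $role) {
  if (($show_admin_role || $role_id != 'administrator') && ($role_id !== $primary_role)) {
- if ($this->lib->user_can($role_id)) {
+ if ($this->editor->user_can($role_id)) {
  $checked = 'checked="checked"';
  } else {
  $checked = '';
@@ -124,10 +122,11 @@ class URE_User_View extends URE_View {
  // end of show_secondary_roles()
 
 
- public function display() {
- $caps_readable = $this->lib->get('caps_readable');
- $show_deprecated_caps = $this->lib->get('show_deprecated_caps');
- $edit_user_caps_mode = $this->lib->get_edit_user_caps_mode();
+ public function display() {
+
+ $caps_readable = $this->editor->get('caps_readable');
+ $show_deprecated_caps = $this->editor->get('show_deprecated_caps');
+ $edit_user_caps_mode = $this->editor->get_edit_user_caps_mode();
  $caps_access_restrict_for_simple_admin = $this->lib->get_option('caps_access_restrict_for_simple_admin', 0);
  $user_info = $this->get_user_info();
  $select_primary_role = apply_filters('ure_users_select_primary_role', true);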
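--- a/includes/classes/view.php
+++ b/includes/classes/view.php
@@ -9,12 +9,14 @@
  **/
  class URE_View {
 
- private $lib = null;
+ protected $lib = null;
+ protected $editor = null;
 
 
  public function __construct() {
 
  $this->lib = URE_Lib::get_instance();
+ $this->editor = URE_Editor::get_instance();
 
  }
  // end of __construct()
@@ -77,7 +79,7 @@ class URE_View {
 
  if (isset($builtin_wp_caps[$cap_id])) {
  if (in_array('deprecated', $builtin_wp_caps[$cap_id])) {
- $show_deprecated_caps = $this->lib->get('show_deprecated_caps');
+ $show_deprecated_caps = $this->editor->get('show_deprecated_caps');
  if (!$show_deprecated_caps) {
  $hidden_class = 'hidden';
  }
@@ -93,7 +95,7 @@ class URE_View {
 
  $blocked = false;
  $multisite = $this->lib->get('multisite');
- if ($multisite && $this->lib->block_cap_for_single_admin($cap_id, true)) {
+ if ($multisite && $this->editor->block_cap_for_single_admin($cap_id, true)) {
  if ($this->lib->is_super_admin()) {
  if (!is_network_admin()) {
  $label_style = 'style="color: red;"';
@@ -111,7 +113,7 @@ class URE_View {
  // Get full capabilities list and exclude Visual Composer capabilities from it
  // Do not take VC capabilities into account as VC stores not boolean values with them
  protected function get_full_capabilities() {
- $full_caps = $this->lib->get('full_capabilities');
+ $full_caps = $this->editor->get('full_capabilities');
  foreach($full_caps as $key=>$capability) {
  if (strpos($key, 'vc_access_rules_')!==false) {
  unset($full_caps[$key]);
@@ -132,17 +134,12 @@ class URE_View {
 
  $onclick_for_admin = '';
  $multisite = $this->lib->get('multisite');
- $current_role = $this->lib->get('current_role');
- if (!($multisite && $this->lib->is_super_admin())) { // do not limit SuperAdmin for multi-site
- if ('administrator'==$current_role) {
- $onclick_for_admin = 'onclick="ure_turn_it_back(this)"';
- }
- }
- $user_to_edit = $this->lib->get('user_to_edit');
- $roles = $this->lib->get('roles');
+ $current_role = $this->editor->get('current_role');
+ $user_to_edit = $this->editor->get('user_to_edit');
+ $roles = $this->editor->get('roles');
  $full_capabilities = $this->get_full_capabilities();
  $built_in_wp_caps = $this->lib->get_built_in_wp_caps();
- $caps_readable = $this->lib->get('caps_readable');
+ $caps_readable = $this->editor->get('caps_readable');
  $caps_groups_manager = URE_Capabilities_Groups_Manager::get_instance();
 
  $key_capability = URE_Own_Capabilities::get_key_capability();
@@ -190,7 +187,7 @@ class URE_View {
  } else {
  $disabled = '';
  }
- if ($this->lib->user_can($cap_id)) {
+ if ($this->editor->user_can($cap_id)) {
  $checked = 'checked="checked"';
  if (!isset($user_to_edit->caps[$cap_id])) {
  $disabled = 'disabled="disabled"';
@@ -201,8 +198,7 @@ class URE_View {
 
  $cap_id_esc = URE_Capability::escape($cap_id);
  $cap_html = '<div id="ure_cap_div_'. $cap_id_esc .'" '. $class .'><input type="checkbox" name="' . $cap_id_esc . '" id="' .
- $cap_id_esc . '" value="' . $cap_id .'" '. $checked . ' ' . $disabled . ' ' . $onclick_for_admin .
- 'class="ure-cap-cb">';
+ $cap_id_esc . '" value="' . $cap_id .'" '. $checked . ' ' . $disabled . ' class="ure-cap-cb">';
 
  if ($caps_readable) {
  $cap_ind = 'human';
@@ -251,8 +247,11 @@ class URE_View {
 
  public function advertise_commercials() {
 
+ require_once(URE_PLUGIN_DIR . 'includes/classes/advertisement.php');
+
  $this->advert = new URE_Advertisement();
  $this->advert->display();
+
  }
  // end of advertisement()
 
@@ -295,7 +294,8 @@ class URE_View {
 
 
  public function display_caps($for_role = true, $edit_mode=true) {
- $caps_columns_quant = $this->lib->get('caps_columns_quant');
+
+ $caps_columns_quant = $this->editor->get('caps_columns_quant');
 
  ?>
  <table id="ure_caps_container" cellpadding="0" cellspacing="0">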
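Review bot: In the rewritten `$cap_html` line (hunk at new line 201), the `name` and `id` attributes use `$cap_id_esc` from `URE_Capability::escape()`, but `value` still takes the raw `$cap_id`. Capability names come from stored role data, so the attribute should be escaped as well: `'" value="' . esc_attr( $cap_id ) . '" '`. With the `onclick` guard removed two hunks earlier, `$onclick_for_admin = '';` is left assigned but unused and can be deleted; the enclosing method starts and ends outside these hunks, so check for other readers first. Removing that handler moves the 'administrator' protection out of this view, so a comment here pointing to the code that now enforces it would help the next reader.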
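--- a/includes/loader.php
+++ b/includes/loader.php
@@ -24,9 +24,11 @@ require_once( URE_PLUGIN_DIR .'includes/classes/role-additional-options.php' );
  require_once( URE_PLUGIN_DIR .'includes/classes/capability.php' );
  require_once( URE_PLUGIN_DIR .'includes/classes/woocommerce-capabilities.php' );
  require_once( URE_PLUGIN_DIR .'includes/classes/capabilities-groups-manager.php' );
+ require_once( URE_PLUGIN_DIR .'includes/classes/capabilities.php' );
  require_once( URE_PLUGIN_DIR .'includes/classes/view.php' );
  require_once( URE_PLUGIN_DIR .'includes/classes/role-view.php' );
- require_once( URE_PLUGIN_DIR .'includes/classes/tools.php' );
  require_once( URE_PLUGIN_DIR .'includes/classes/user-view.php' );
+ require_once( URE_PLUGIN_DIR .'includes/classes/editor.php' );
+ require_once( URE_PLUGIN_DIR .'includes/classes/tools.php' );
  require_once( URE_PLUGIN_DIR .'includes/classes/settings.php' );
  require_once( URE_PLUGIN_DIR .'includes/classes/user-role-editor.php' );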
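--- a/includes/settings-template.php
+++ b/includes/settings-template.php
@@ -174,7 +174,7 @@ if ( ! $multisite ) {
  ?>
  <?php esc_html_e( 'Other default roles for new registered user: ', 'user-role-editor' ); ?>
  <div id="other_default_roles">
- <?php $lib->show_other_default_roles(); ?>
+ <?php self::show_other_default_roles(); ?>
  </div>
  <?php
  if ( $multisite ) {
@@ -228,13 +228,14 @@ if ( ! $multisite ) {
  ?>
  <div id="ure_tabs-5">
  <?php
- $tools = new URE_Tools();
- $tools->show($tabs_index[5]);
+ URE_Tools::show( $tabs_index[5] );
  ?>
  </div> <!-- ure_tabs-5 -->
 
  <div id="ure_tabs-6">
- <?php $lib->about(); ?>
+ <?php
+ $lib->about();
+ ?>
  </div> <!-- ure_tabs-6 -->
  </div> <!-- ure_tabs -->
  </div>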
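Review bot: `<?php self::show_other_default_roles(); ?>` makes this template valid only when it is included from inside a method of the class that defines `show_other_default_roles()`; included from any other scope, `self::` has no class to resolve against and PHP stops with a fatal error. A header comment stating that requirement, for example `// Must be included from a method of the class that renders this page: uses self::`, would make the coupling visible to the next maintainer. The switch to `URE_Tools::show( $tabs_index[5] )` presumably relies on `show()` being declared static, which is not visible in this section and should be confirmed. The surrounding `if ( ! $multisite )` block starts and ends outside both hunks.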
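--- a/js/ure.js
+++ b/js/ure.js
@@ -456,10 +456,12 @@ function ure_apply_to_all_on_click(cb) {
  // end of ure_apply_to_all_on_click()
 
 
- // turn on checkbox back if clicked to turn off
- function ure_turn_it_back(control) {
-
- control.checked = true;
+ // turn on checkbox back if clicked to turn off - for 'administrator' role only!
+ function ure_turn_it_back( event ) {
+
+ if ( 'administrator'===ure_current_role ) {
+ event.target.checked = true;
+ }
 
  }
  // end of ure_turn_it_back()
@@ -544,6 +546,14 @@ function ure_refresh_role_view(response) {
  // Select capabilities granted to a newly selected role and exclude others
  jQuery('.ure-cap-cb').each(function () { // go through all capabilities checkboxes
  jQuery(this).prop('checked', response.caps.hasOwnProperty(this.id) && response.caps[this.id]);
+ if ( ure_data.do_not_revoke_from_admin ) {
+ var el = document.getElementById(this.id);
+ if ( 'administrator'===ure_current_role ) {
+ el.addEventListener( 'click', ure_turn_it_back );
+ } else {
+ el.removeEventListener( 'click', ure_turn_it_back );
+ }
+ }
  });
 
  // Recalculate granted capabilities for capabilities groups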
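Review bot: The 'administrator' guard in `ure_turn_it_back` and in the `.ure-cap-cb` loop of `ure_refresh_role_view` runs only in the browser, so it prevents accidental unchecking but cannot be what protects the role. The server-side save path has to refuse revoking capabilities from 'administrator' on its own; that code is not in this section and should be confirmed there. In the loop, `document.getElementById(this.id)` looks up the element that `this` already is, so `this.addEventListener( 'click', ure_turn_it_back );` avoids the extra lookup and any dependence on ids being unique. Because `ure_turn_it_back` now receives an event rather than the control, any caller elsewhere that still passes the checkbox itself would fail at `event.target.checked`. `ure_refresh_role_view` begins and ends outside the second hunk.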
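--- a/readme.txt
+++ b/readme.txt
@@ -3,8 +3,9 @@ Contributors: shinephp
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=vladimir%40shinephp%2ecom&lc=RU&item_name=ShinePHP%2ecom&item_number=User%20Role%20Editor%20WordPress%20plugin&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
  Tags: user, role, editor, security, access, permission, capability
  Requires at least: 4.0
- Tested up to: 5.0.3
- Stable tag: 4.49
+ Tested up to: 5.1
+ Stable tag: 4.50
+ Requires PHP: 5.5
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -79,6 +80,15 @@ https://translate.wordpress.org/projects/wp-plugins/user-role-editor/
 
 
  == Changelog =
+
+ = [4.50] 03.02.2019 =
+ * PHP version 5.5 was marked as required.
+ * Update: General code restructure and optimization.
+ * Update: URE_Base_Lib::get_blog_ids() returns null, if it's called under WordPress single site (not multisite).
+ * Update: URE_Editor::prepare_capabilities_to_save() : "Invalid argument supplied for foreach()" warning was excluded in case there was no valid data structures initialization.
+ * Update: 'administrator' role protection was enhanced. URE always does not allow to revoke capability from 'administrator' role. That was possible earlier after the 'administrator' role update.
+ * Update: 2 new actions 'ure_settings_tools_show' and 'ure_settings_tools_exec' allows to extends the list of sections available at the Settings->User Role Editor->Tools tab.
+
  = [4.49] 15.01.2019 =
  * Update: Selected role ID was added to "Delete role" confirmation dialog.
  * Update: Method URE_Base_Lib::get_short_list_str() was enhanced.
@@ -92,7 +102,7 @@ https://translate.wordpress.org/projects/wp-plugins/user-role-editor/
  * Update: URE plugin version update routine is called now at the wp-admin backend only.
  * Update: Direct access to URE_Lib::bbpress property was excluded as a preparation to future code enhancements.
 
- For full list of changes applied to User Role Editor plugin look changelog.txt file.
+ File changelog.txt contains the full list of changes.
 
 
  == Additional Documentation ==
@@ -102,16 +112,8 @@ You can find more information about "User Role Editor" plugin at [this page](htt
  I am ready to answer on your questions about plugin usage. Use [plugin page comments](http://www.shinephp.com/user-role-editor-wordpress-plugin/) for that.
 
  == Upgrade Notice ==
- = [4.49] 15.01.2019 =
- * Update: Selected role ID was added to "Delete role" confirmation dialog.
- * Update: Method URE_Base_Lib::get_short_list_str() was enhanced.
- * Update: Method URE_Base_Lib::get_blog_ids() was made public.
- * Update: Method URE_Lib::get_usermeta_table_name() was excluded.
- * Fix: PHP warning "Undefined index:'unexisted role ID'" was fixed at URE_Lib::roles_text() (wp-content/plugins/user-role-editor/includes/classes/lib.php:360).
- * Fix: Bug was fixed with incorrect usage of transient for option "Show deprecated capabilities".
-
-
-
+ = [4.47] 12.11.2018 =
+ * Update: Code was restructured, optimized. Almost 100% of the code was covered by PHPUnit tests.
 
 
 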
user-role-editor.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: User Role Editor
4
  Plugin URI: https://www.role-editor.com
5
  Description: Change/add/delete WordPress user roles and capabilities.
6
- Version: 4.49
7
  Author: Vladimir Garagulya
8
  Author URI: https://www.role-editor.com
9
  Text Domain: user-role-editor
@@ -23,7 +23,7 @@ if ( defined( 'URE_PLUGIN_URL' ) ) {
23
  wp_die( 'It seems that other version of User Role Editor is active. Please deactivate it before use this version' );
24
  }
25
 
26
- define( 'URE_VERSION', '4.49' );
27
  define( 'URE_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
28
  define( 'URE_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
29
  define( 'URE_PLUGIN_BASE_NAME', plugin_basename( __FILE__ ) );
3
  Plugin Name: User Role Editor
4
  Plugin URI: https://www.role-editor.com
5
  Description: Change/add/delete WordPress user roles and capabilities.
6
+ Version: 4.50
7
  Author: Vladimir Garagulya
8
  Author URI: https://www.role-editor.com
9
  Text Domain: user-role-editor
23
  wp_die( 'It seems that other version of User Role Editor is active. Please deactivate it before use this version' );
24
  }
25
 
26
+ define( 'URE_VERSION', '4.50' );
27
  define( 'URE_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
28
  define( 'URE_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
29
  define( 'URE_PLUGIN_BASE_NAME', plugin_basename( __FILE__ ) );