tmdinosaurcenter
/
tainacan
mirror of https://github.com/tainacan/tainacan
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

new default roles #274

This commit is contained in:
leogermani 2019-11-04 18:55:40 -03:00
parent 59054f32f6
commit 7f4298b3a5
6 changed files with 145 additions and 616 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

570
src/classes/class-tainacan-capabilities.php
View File

@ -1,570 +0,0 @@
<?php
namespace Tainacan;
use Tainacan\Repositories\Repository;
class Capabilities {
public $defaults = [
"tainacan-collection"=> [
"administrator"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"editor"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"author"=> [
"delete_posts",
"edit_posts",
"publish_posts",
"delete_published_posts",
"edit_published_posts",
"read"
],
"contributor"=> [
"read"
],
"subscriber"=> [
"read"
]
],
"tainacan-metadatum"=> [
"administrator"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"editor"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"author"=> [
"delete_posts",
"edit_posts",
"publish_posts",
"delete_published_posts",
"edit_published_posts",
"read"
],
"contributor"=> [
"delete_posts",
"edit_posts",
"read"
],
"subscriber"=> [
"read"
]
],
"tainacan-filter"=> [
"administrator"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"editor"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"author"=> [
"delete_posts",
"edit_posts",
"publish_posts",
"delete_published_posts",
"edit_published_posts",
"read"
],
"contributor"=> [
"delete_posts",
"edit_posts",
"read"
],
"subscriber"=> [
"read"
]
],
"tainacan-taxonomy"=> [
"administrator"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"editor"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"author"=> [
"delete_posts",
"edit_posts",
"publish_posts",
"delete_published_posts",
"edit_published_posts",
"read"
],
"contributor"=> [
"delete_posts",
"edit_posts",
"read"
],
"subscriber"=> [
"read"
]
],
"tainacan-log"=> [
"administrator"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"editor"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"author"=> [
"delete_posts",
"edit_posts",
"publish_posts",
"delete_published_posts",
"edit_published_posts",
"read"
],
"contributor"=> [
"delete_posts",
"edit_posts",
"read"
],
"subscriber"=> [
"read"
]
],
"tainacan-items"=> [ // abstract, will apply to collection Items
"administrator"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"editor"=> [
"delete_posts",
"delete_private_posts",
"edit_posts",
"edit_private_posts",
"publish_posts",
"read_private_posts",
"delete_published_posts",
"edit_published_posts",
"edit_others_posts",
"delete_others_posts",
"read"
],
"author"=> [
"delete_posts",
"edit_posts",
"publish_posts",
"delete_published_posts",
"edit_published_posts",
"read"
],
"contributor"=> [
"delete_posts",
"edit_posts",
"read"
],
"subscriber"=> [
"read"
]
],
];
public static $dependencies = [
"tainacan-items" => [
'edit_posts' => 'upload_files',
"edit_private_posts" => 'upload_files',
"edit_published_posts" => 'upload_files',
"edit_others_posts" => 'upload_files'
]
];
private static $instance = null;
public static function get_instance()
{
if(!isset(self::$instance))
{
self::$instance = new self();
}
return self::$instance;
}
/**
* Register hooks
*/
private function __construct() {
add_action('tainacan-insert-tainacan-collection', array(&$this, 'new_collection'));
add_action('tainacan-add-collection-moderators', array(&$this, 'add_moderators'), 10, 2);
add_action('tainacan-remove-collection-moderators', array(&$this, 'remove_moderators'), 10, 2);
add_filter( 'gettext_with_context', array(&$this, 'translate_user_roles'), 10, 4 );
// Dummy calls for translation.
_x('Tainacan Author', 'User role', 'tainacan');
_x('Tainacan Contributor', 'User role', 'tainacan');
_x('Tainacan Editor', 'User role', 'tainacan');
}
/**
* Tainacan default roles
*
* These are roles relative to the native WordPress roles. They will have
* the same capabilities of their relatives native roles in what is concerned to
* tainacan activities, but will have no other WordPress capabilities.
*
* @return array Tainacan roles
*/
public function get_tainacan_roles() {
$tainacan_roles = [
'editor' => [
'slug' => 'tainacan-editor',
'display_name' => 'Tainacan Editor'
],
'contributor' => [
'slug' => 'tainacan-contributor',
'display_name' => 'Tainacan Contributor'
],
'author' => [
'slug' => 'tainacan-author',
'display_name' => 'Tainacan Author'
],
];
return $tainacan_roles;
}
/**
* Callback to gettext_with_context hook to translate custom ueser roles.
*
* Since user roles are stored in the database, we have to translate them on the fly
* using translate_user_role() function.
*
* @see https://wordpress.stackexchange.com/questions/141551/how-to-auto-translate-custom-user-roles
*/
public function translate_user_roles( $translations, $text, $context, $domain ) {
$plugin_domain = 'tainacan';
$roles_names = array_map(function($role) {
return $role['display_name'];
}, $this->get_tainacan_roles());
if ( $context === 'User role' && in_array( $text, $roles_names ) && $domain !== $plugin_domain ) {
return translate_with_gettext_context( $text, $context, $plugin_domain );
}
return $translations;
}
protected function check_dependencies($role, $post_type, $cap, $add = true) {
if(
array_key_exists($post_type, self::$dependencies) &&
array_key_exists($cap, self::$dependencies[$post_type])
) {
$added = false;
if(! $role->has_cap(self::$dependencies[$post_type][$cap]) && $add) {
$role->add_cap(self::$dependencies[$post_type][$cap]);
$added = true;
}
if($role instanceof \WP_User && $add) { //moderator
$append_caps = get_user_meta($role->ID, '.tainacan-dependecies-caps', true);
if(! is_array($append_caps)) $append_caps = [];
if(
(! array_key_exists(self::$dependencies[$post_type][$cap], $append_caps) && $added ) || // we never added and need to add
(
array_key_exists(self::$dependencies[$post_type][$cap], $append_caps) &&
$append_caps[self::$dependencies[$post_type][$cap]] === false &&
$added
) // we added but before is not need to add
) {
$append_caps[self::$dependencies[$post_type][$cap]] = 0;
}
else { // we to not added this cap
$append_caps[self::$dependencies[$post_type][$cap]] = false;
}
if($append_caps[self::$dependencies[$post_type][$cap]] !== false) {
$append_caps[self::$dependencies[$post_type][$cap]]++; // add 1 to each collection he is a moderator
update_user_meta($role->ID, '.tainacan-dependecies-caps', $append_caps);
}
}
return self::$dependencies[$post_type][$cap];
}
return false;
}
/**
* Update post_type caps using WordPress basic roles and register tainacan roles
*/
public function init() {
$defaults_caps = apply_filters('tainacan-defaults-capabilities', $this->defaults);
foreach ($defaults_caps as $post_type => $wp_append_roles) {
if($post_type == 'tainacan-items') continue;
$entity = Repository::get_entity_by_post_type($post_type);
$entity_cap = $entity->get_capabilities();
// append new capabilities to WordPress default roles
foreach ($wp_append_roles as $role_name => $caps) {
$role = get_role($role_name);
if(!is_object($role)) {
throw new \Exception(sprintf('Role "%s" not found', $role_name));
}
foreach ($caps as $cap) {
$role->add_cap($entity_cap->$cap);
$this->check_dependencies($role, $post_type, $cap);
}
$tainacan_roles = $this->get_tainacan_roles();
if (array_key_exists($role_name, $tainacan_roles)) {
$tainacan_role = add_role( $tainacan_roles[$role_name]['slug'], $tainacan_roles[$role_name]['display_name'] );
if(!is_object($tainacan_role)) {
$tainacan_role = get_role($tainacan_roles[$role_name]['slug']);
}
if(!is_object($tainacan_role)) {
throw new \Exception(sprintf('Role "%s" not found', $tainacan_roles[$role_name]['slug']));
}
foreach ($caps as $cap) {
$tainacan_role->add_cap($entity_cap->$cap);
$this->check_dependencies($tainacan_role, $post_type, $cap);
}
}
}
}
$Tainacan_Collections = \Tainacan\Repositories\Collections::get_instance();
$collections = $Tainacan_Collections->fetch([], 'OBJECT');
foreach ($collections as $collection) {
$this->set_items_capabilities($collection, $defaults_caps);
}
}
/**
* Set config roles for items
* @param \Tainacan\Entities\Collection $collection
*/
public function set_items_capabilities($collection, $defaults_caps = null) {
if(is_null($defaults_caps)) $defaults_caps = apply_filters('tainacan-defaults-capabilities', $this->defaults); // External Call
$collection_items_caps = $collection->get_items_capabilities();
foreach ($defaults_caps['tainacan-items'] as $role_name => $caps) {
$role = get_role($role_name);
if(!is_object($role)) {
throw new \Exception(sprintf('Role "%s" not found', $role_name));
}
foreach ($caps as $cap) {
$role->add_cap($collection_items_caps->$cap);
$this->check_dependencies($role, 'tainacan-items', $cap);
}
// Tainacan relative role
$role = get_role('tainacan-' . $role_name);
if (\is_object($role)) {
foreach ($caps as $cap) {
$role->add_cap($collection_items_caps->$cap);
$this->check_dependencies($role, 'tainacan-items', $cap);
}
}
}
// Refresh roles capabilities for current user to have instant effect
global $current_user;
$current_user->get_role_caps();
}
/**
* Return list of editable roles
* @return array List of roles
*/
public static function get_editable_roles() {
// TODO $this->security_check();
global $wp_roles;
if(! isset($wp_roles)) $wp_roles = new \WP_Roles();
$all_roles = $wp_roles->get_names();
$editable_roles = apply_filters('tainacan-editable-roles', $all_roles);
return $all_roles;
}
/**
* Hook to set capabilities to the new created collection
* @param \Tainacan\Entities\Collection $collection
*/
public function new_collection($collection)
{
$this->set_items_capabilities($collection);
}
/**
* Hooke to revoke the capabilities for the items post type of the collection
* @param \Tainacan\Entities\Collection $collection The collection object
* @param array $moderators List of IDs of user IDs removed from the moderators list of the collection
* @return void
*/
public function remove_moderators($collection, $moderators) {
$defaults_caps = apply_filters('tainacan-defaults-capabilities', $this->defaults);
if (is_array($moderators)) {
$collection_items_caps = $collection->get_items_capabilities();
foreach ($moderators as $moderator) {
$user = get_userdata($moderator);
if ($user instanceof \WP_User && is_object($collection_items_caps)) {
$caps = $defaults_caps['tainacan-items']['editor'];
foreach ($caps as $cap) {
$user->remove_cap($collection_items_caps->$cap);
$dep_cap = $this->check_dependencies($user, 'tainacan-items', $cap, false);
if($dep_cap !== false) {
$appended_caps = get_user_meta($user->ID, '.tainacan-dependecies-caps', true);
if(array_key_exists($dep_cap, $appended_caps) && $appended_caps[$dep_cap] !== false && $appended_caps[$dep_cap] > 0) {
$appended_caps[$dep_cap]--;
update_user_meta($user->ID, '.tainacan-dependecies-caps', $appended_caps);
if($appended_caps == 0) { // they are not a moderator of a collection, remove cap at all
$user->remove_cap($cap);
}
}
}
}
}
}
}
}
/**
* Hooke to grant the capabilities for the items post type of the collection
* @param \Tainacan\Entities\Collection $collection The collection object
* @param array $moderators List of IDs of user IDs added to the moderators list of the collection
* @return void
*/
public function add_moderators($collection, $moderators) {
$defaults_caps = apply_filters('tainacan-defaults-capabilities', $this->defaults);
if (is_array($moderators)) {
$collection_items_caps = $collection->get_items_capabilities();
foreach ($moderators as $moderator) {
$user = get_userdata($moderator);
if ($user instanceof \WP_User && is_object($collection_items_caps)) {
$caps = $defaults_caps['tainacan-items']['editor'];
foreach ($caps as $cap) {
$user->add_cap($collection_items_caps->$cap);
$this->check_dependencies($user, 'tainacan-items', $cap);
}
}
}
}
}
}

100
src/classes/class-tainacan-roles.php
View File

@ -195,6 +195,89 @@ class Roles {
add_filter( 'user_has_cap', [$this, 'user_has_cap_filter'], 10, 4 ); add_filter( 'user_has_cap', [$this, 'user_has_cap_filter'], 10, 4 );
add_filter( 'map_meta_cap', [$this, 'map_meta_cap'], 10, 4 ); add_filter( 'map_meta_cap', [$this, 'map_meta_cap'], 10, 4 );
add_filter( 'gettext_with_context', array(&$this, 'translate_user_roles'), 10, 4 );
// Dummy calls for translation.
_x('Tainacan Administrator', 'User role', 'tainacan');
_x('Tainacan Editor', 'User role', 'tainacan');
_x('Tainacan Author', 'User role', 'tainacan');
}
/**
* Tainacan default roles
*
* @return array Tainacan roles
*/
public function get_tainacan_roles() {
$tainacan_roles = [
'administrator' => [
'slug' => 'tainacan-administrator',
'display_name' => 'Tainacan Administrator',
'caps' => [
'manage_tainacan' => true
]
],
'editor' => [
'slug' => 'tainacan-editor',
'display_name' => 'Tainacan Editor',
'caps' => [
'tnc_rep_edit_collections' => true,
'tnc_rep_delete_collections' => true,
'tnc_rep_edit_taxonomies' => true,
'tnc_rep_edit_others_taxonomies' => true,
'tnc_rep_delete_taxonomies' => true,
'tnc_rep_delete_others_taxonomies' => true,
'tnc_rep_edit_metadata' => true,
'tnc_rep_edit_filters' => true,
'tnc_rep_delete_metadata' => true,
'tnc_rep_delete_filters' => true,
'tnc_rep_read_private_collections' => true,
'tnc_rep_read_private_taxonomies' => true,
'tnc_rep_read_private_metadata' => true,
'tnc_rep_read_private_filters' => true,
'tnc_rep_read_logs' => true,
'manage_tainacan_collection_all' => true
]
],
'author' => [
'slug' => 'tainacan-author',
'display_name' => 'Tainacan Author',
'caps' => [
'tnc_rep_edit_collections' => true,
'tnc_rep_edit_taxonomies' => true,
'tnc_rep_read_private_collections' => true,
'tnc_rep_read_private_taxonomies' => true,
'tnc_rep_read_private_metadata' => true,
'tnc_rep_read_private_filters' => true,
]
],
];
return $tainacan_roles;
}
/**
* Callback to gettext_with_context hook to translate custom ueser roles.
*
* Since user roles are stored in the database, we have to translate them on the fly
* using translate_user_role() function.
*
* @see https://wordpress.stackexchange.com/questions/141551/how-to-auto-translate-custom-user-roles
*/
public function translate_user_roles( $translations, $text, $context, $domain ) {
$plugin_domain = 'tainacan';
$roles_names = array_map(function($role) {
return $role['display_name'];
}, $this->get_tainacan_roles());
if ( $context === 'User role' && in_array( $text, $roles_names ) && $domain !== $plugin_domain ) {
return translate_with_gettext_context( $text, $context, $plugin_domain );
}
return $translations;
} }
public function get_all_caps() { public function get_all_caps() {
@ -205,6 +288,21 @@ class Roles {
return array_keys($this->capabilities); return array_keys($this->capabilities);
} }
public function init_default_roles() {
foreach ($this->get_tainacan_roles() as $role) {
$new_role = add_role(
$role['slug'],
$role['display_name'],
$role['caps']
);
}
$admin = get_role('administrator');
$admin->add_cap('manage_tainacan');
}
/** /**
* Gets the capabilty generic name as present in * Gets the capabilty generic name as present in
* Tainacan\Roles::capabilities * Tainacan\Roles::capabilities
@ -256,7 +354,7 @@ class Roles {
// check if the user is the owner // check if the user is the owner
$collection = tainacan_collections()->fetch( (int) $col_id ); $collection = tainacan_collections()->fetch( (int) $col_id );
if ( $collection instanceof \Tainacan\Entities\Collection ) { if ( $collection instanceof \Tainacan\Entities\Collection ) {
if ( $collection->get_author_id() == $user->ID ) { if ( (int) $collection->get_author_id() == (int) $user->ID ) {
$allcaps = array_merge($allcaps, [ $cap => true ]); $allcaps = array_merge($allcaps, [ $cap => true ]);
} }
} }

6
src/classes/entities/class-tainacan-collection.php
View File

@ -180,9 +180,9 @@ class Collection extends Entity {
return (object) [ return (object) [
// meta // meta
'edit_post' => "tnc_col_edit_item", 'edit_post' => "tnc_rep_edit_collection",
'read_post' => "tnc_col_read_item", 'read_post' => "tnc_rep_read_collection",
'delete_post' => "tnc_col_delete_item", 'delete_post' => "tnc_rep_delete_collection",
// primitive // primitive
'edit_posts' => "tnc_rep_edit_collections", 'edit_posts' => "tnc_rep_edit_collections",

2
src/classes/tainacan-creator.php
View File

@ -177,8 +177,6 @@ $Tainacan_Elastic_press = \Tainacan\Elastic_Press::get_instance();
require_once(__DIR__ . '/class-tainacan-background-process-heartbeat.php'); require_once(__DIR__ . '/class-tainacan-background-process-heartbeat.php');
$Tainacan_Importer_Heartbeat = new \Tainacan\Background_Importer_Heartbeat(); $Tainacan_Importer_Heartbeat = new \Tainacan\Background_Importer_Heartbeat();
$Tainacan_Capabilities = \Tainacan\Capabilities::get_instance();
$Tainacan_Roles = \Tainacan\Roles::get_instance(); $Tainacan_Roles = \Tainacan\Roles::get_instance();
$TainacanPrivateFiles = \Tainacan\Private_Files::get_instance(); $TainacanPrivateFiles = \Tainacan\Private_Files::get_instance();

9
src/migrations.php
View File

@ -105,11 +105,6 @@ class Migrations {
} }
static function init_capabilites() {
$Tainacan_Capabilities = \Tainacan\Capabilities::get_instance();
$Tainacan_Capabilities->init();
}
static function tainacan_migrate_post_type_field_to_metadatum(){ static function tainacan_migrate_post_type_field_to_metadatum(){
global $wpdb; global $wpdb;
@ -419,6 +414,10 @@ class Migrations {
} }
static function init_default_roles() {
\tainacan_roles()->init_default_roles();
}
} }

4
tests/test-collections.php
View File

@ -17,6 +17,7 @@ class Collections extends TAINACAN_UnitTestCase {
* @group permissions * @group permissions
*/ */
function test_permissions () { function test_permissions () {
global $current_user;
$collection_test = $this->tainacan_entity_factory->create_entity( $collection_test = $this->tainacan_entity_factory->create_entity(
'collection', 'collection',
array( array(
@ -55,6 +56,9 @@ class Collections extends TAINACAN_UnitTestCase {
), ),
true true
); );
$autor_2_user = get_userdata( $autor2 );
$autor_2_user->add_cap('tnc_rep_edit_collections');
$current_user = $autor_2_user;
$current_user_id = get_current_user_id(); $current_user_id = get_current_user_id();
$this->assertEquals($autor2, $current_user_id); $this->assertEquals($autor2, $current_user_id);
$this->assertFalse(current_user_can($collection_test->cap->edit_post, $collection_test->WP_Post->ID)); $this->assertFalse(current_user_can($collection_test->cap->edit_post, $collection_test->WP_Post->ID));