only tainacan caps can be edited in api #274
parent
b22db480f1
commit
ca79ea94a8
|
@ -229,12 +229,25 @@ class REST_Roles_Controller extends REST_Controller {
|
|||
|
||||
if ( isset($request['add_cap']) ) {
|
||||
// validate that we only deal with tainacan capabilities
|
||||
if ( ! in_array( \tainacan_roles()->get_cap_generic_name($request['add_cap']) , \tainacan_roles()->get_all_caps_slugs() ) ) {
|
||||
return new \WP_REST_Response([
|
||||
'error_message' => __('Not allowed to edit non Tainacan capabilities.', 'tainacan'),
|
||||
'error' => $request['add_cap']
|
||||
], 400);
|
||||
}
|
||||
|
||||
\wp_roles()->add_cap($role_slug, $request['add_cap']);
|
||||
\tainacan_roles()->add_dependencies($role_slug, $request['add_cap']);
|
||||
}
|
||||
|
||||
if ( isset($request['remove_cap']) ) {
|
||||
// validate that we only deal with tainacan capabilities
|
||||
if ( ! in_array( \tainacan_roles()->get_cap_generic_name($request['remove_cap']) , \tainacan_roles()->get_all_caps_slugs() ) ) {
|
||||
return new \WP_REST_Response([
|
||||
'error_message' => __('Not allowed to edit non Tainacan capabilities.', 'tainacan'),
|
||||
'error' => $request['remove_cap']
|
||||
], 400);
|
||||
}
|
||||
\wp_roles()->remove_cap($role_slug, $request['remove_cap']);
|
||||
}
|
||||
|
||||
|
|
|
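Review bot: The `remove_cap` check runs only after the `add_cap` block has already called `\wp_roles()->add_cap()`, so a request carrying an allowed `add_cap` and a rejected `remove_cap` returns 400 with the role already modified. Both parameters should be validated before either one is applied. The comparison is also loose: `in_array()` is called without `true`, and a non-string parameter reaches `preg_replace()` inside get_cap_generic_name(), so a string check and a strict comparison belong in the guard. The two validation blocks are identical and can be folded into one loop as below; the enclosing method begins and ends outside this hunk.

```php
// validate every requested capability before the role is changed
foreach ( ['add_cap', 'remove_cap'] as $param ) {
	if ( ! isset($request[$param]) ) {
		continue;
	}
	$generic = is_string($request[$param]) ? \tainacan_roles()->get_cap_generic_name($request[$param]) : null;
	if ( ! in_array( $generic, \tainacan_roles()->get_all_caps_slugs(), true ) ) {
		return new \WP_REST_Response([
			'error_message' => __('Not allowed to edit non Tainacan capabilities.', 'tainacan'),
			'error' => $request[$param]
		], 400);
	}
}

if ( isset($request['add_cap']) ) {
	// … unchanged: add_cap and add_dependencies calls …
}
// … unchanged: remove_cap block without its own validation …
```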
@ -209,6 +209,21 @@ class Roles {
|
|||
return array_keys($this->capabilities);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the capabilty generic name as present in
|
||||
* Tainacan\Roles::capabilities
|
||||
*
|
||||
* For example: tnc_col_12_edit or tnc_col_all_edit will return tnc_col_%d_edit
|
||||
*
|
||||
* @param string $cap
|
||||
* @return string Capability slug as in the keys of $this->capabilities
|
||||
*/
|
||||
public function get_cap_generic_name($cap) {
|
||||
$cap = preg_replace('/^(.+_)[0-9]+(_.+)$/', '${1}%d${2}', $cap);
|
||||
$cap = preg_replace('/^(.+_)all(_.+)$/', '${1}%d${2}', $cap);
|
||||
return $cap;
|
||||
}
|
||||
|
||||
public function user_has_cap_filter( $allcaps, $caps, $args, $user ) {
|
||||
|
||||
$requested_cap = $args[0];
|
||||
|
@ -263,8 +278,7 @@ class Roles {
|
|||
|
||||
public function add_dependencies($role, $cap) {
|
||||
// convert cap name to the name declared in the roles of this class. tnc_col_12_edit or tnc_col_all_edit should become tnc_col_%d_edit
|
||||
$cap = preg_replace('/^(.+_)[0-9]+(_.+)$/', '${1}%d${2}', $cap);
|
||||
$cap = preg_replace('/^(.+_)all(_.+)$/', '${1}%d${2}', $cap);
|
||||
$cap = $this->get_cap_generic_name($cap);
|
||||
|
||||
if ( isset( $this->capabilities[$cap] ) && isset( $this->capabilities[$cap]['dependencies'] ) ) {
|
||||
$role = \get_role($role);
|
||||
|
|
|
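Review bot: get_cap_generic_name() returns its input unchanged when neither pattern matches, so the template key itself (the literal `tnc_col_%d_edit` from the docblock) comes back as a string that is a key of `$this->capabilities`. Since the REST controller now uses this method as its allow-list check, that literal would presumably pass and be written to the role as-is; how user_has_cap_filter treats such an entry is not visible here. Consider rejecting placeholders before normalising, e.g. `if ( ! is_string($cap) || strpos($cap, '%') !== false ) { return ''; }`, and stating in the docblock that the result is only meaningful once compared against get_all_caps_slugs(). The docblock also misspells "capabilty", and add_dependencies continues past the end of its hunk.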
@ -88,7 +88,7 @@ class TAINACAN_REST_Roles_Controller extends TAINACAN_UnitApiTestCase {
|
|||
$request->set_query_params(
|
||||
[
|
||||
'name' => 'Changed name',
|
||||
'add_cap' => 'fly'
|
||||
'add_cap' => 'tnc_rep_edit_collections'
|
||||
]
|
||||
);
|
||||
|
||||
|
@ -97,10 +97,22 @@ class TAINACAN_REST_Roles_Controller extends TAINACAN_UnitApiTestCase {
|
|||
$this->assertEquals( 200, $response->get_status() );
|
||||
|
||||
$role = \wp_roles()->roles['tainacan-new-role'];
|
||||
$this->assertArrayHasKey('fly', $role['capabilities']);
|
||||
$this->assertTrue($role['capabilities']['fly']);
|
||||
$this->assertArrayHasKey('tnc_rep_edit_collections', $role['capabilities']);
|
||||
$this->assertTrue($role['capabilities']['tnc_rep_edit_collections']);
|
||||
$this->assertEquals('Changed name', $role['name']);
|
||||
|
||||
$request = new \WP_REST_Request('PATCH', $this->namespace . '/roles/new-role');
|
||||
|
||||
$request->set_query_params(
|
||||
[
|
||||
'add_cap' => 'manage_options'
|
||||
]
|
||||
);
|
||||
|
||||
$response = $this->server->dispatch($request);
|
||||
|
||||
$this->assertEquals( 400, $response->get_status() );
|
||||
|
||||
}
|
||||
|
||||
public function test_get_role() {
|
||||
|
|
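Review bot: The new rejection case asserts only the 400 status for `add_cap => 'manage_options'`; it does not check that the role was left untouched, and the `remove_cap` guard added in the controller has no test at all. After the dispatch, add `$this->assertArrayNotHasKey('manage_options', \wp_roles()->roles['tainacan-new-role']['capabilities']);` and a second request with `'remove_cap' => 'manage_options'` that also expects 400. A request combining an allowed `add_cap` with a rejected `remove_cap` would additionally pin whether a refused request may partially apply. The test method starts outside this hunk.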