Cap migration.

git-svn-id: http://svn.automattic.com/wordpress/trunk@2712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2005-07-15 01:24:08 +00:00
parent 27174a151b
commit 2f6ae330c0
5 changed files with 38 additions and 25 deletions

View File

@ -102,16 +102,25 @@ class WP_Role {
class WP_User { class WP_User {
var $data; var $data;
var $id; var $id = 0;
var $caps; var $caps = array();
var $cap_key; var $cap_key;
var $roles; var $roles = array();
var $allcaps; var $allcaps = array();
function WP_User($id) { function WP_User($id) {
global $wp_roles, $table_prefix; global $wp_roles, $table_prefix;
$this->id = $id;
$this->data = get_userdata($id); if ( is_numeric($id) ) {
$this->data = get_userdata($id);
} else {
$this->data = get_userdatabylogin($id);
}
if ( empty($this->data->ID) )
return;
$this->id = $this->data->ID;
$this->cap_key = $table_prefix . 'capabilities'; $this->cap_key = $table_prefix . 'capabilities';
$this->caps = &$this->data->{$this->cap_key}; $this->caps = &$this->data->{$this->cap_key};
$this->get_role_caps(); $this->get_role_caps();
@ -140,8 +149,9 @@ class WP_User {
} }
function remove_role($role) { function remove_role($role) {
if(!empty($this->roles[$role]) && (count($this->roles) > 1)) if ( empty($this->roles[$role]) || (count($this->roles) <= 1) )
unset($this->caps[$cap]); return;
unset($this->caps[$role]);
update_usermeta($this->id, $this->cap_key, $this->caps); update_usermeta($this->id, $this->cap_key, $this->caps);
$this->get_role_caps(); $this->get_role_caps();
} }
@ -177,7 +187,7 @@ class WP_User {
} }
function remove_cap($cap) { function remove_cap($cap) {
if(!empty($this->roles[$role])) return; if ( empty($this->roles[$cap]) ) return;
unset($this->caps[$cap]); unset($this->caps[$cap]);
update_usermeta($this->id, $this->cap_key, $this->caps); update_usermeta($this->id, $this->cap_key, $this->caps);
} }

View File

@ -532,6 +532,7 @@ function wp_new_comment( $commentdata, $spam = false ) {
if ( $user_id ) { if ( $user_id ) {
$userdata = get_userdata($user_id); $userdata = get_userdata($user_id);
$user = new WP_User($user_id);
$post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1"); $post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1");
} }
@ -552,7 +553,7 @@ function wp_new_comment( $commentdata, $spam = false ) {
} }
} }
if ( $userdata && ( $user_id == $post_author || $userdata->user_level >= 9 ) ) { if ( $userdata && ( $user_id == $post_author || $user->has_cap('level_9') ) ) {
$approved = 1; $approved = 1;
} else { } else {
if ( check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) ) if ( check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) )

View File

@ -26,6 +26,9 @@ function create_user( $username, $password, $email, $user_level ) {
$user_level = (int) $user_level; $user_level = (int) $user_level;
update_usermeta( $user_id, $wpdb->prefix . 'user_level', $user_level); update_usermeta( $user_id, $wpdb->prefix . 'user_level', $user_level);
$user = new WP_User($user_id);
$user->set_role(get_settings('default_role'));
return $user_id; return $user_id;
} }

View File

@ -176,8 +176,9 @@ default:
do_action('wp_authenticate', array(&$user_login, &$user_pass)); do_action('wp_authenticate', array(&$user_login, &$user_pass));
if ($user_login && $user_pass) { if ($user_login && $user_pass) {
$user = get_userdatabylogin($user_login); $user = new WP_User($user_login);
if ( 0 == $user->user_level ) // If the user can't edit posts, send them to their profile.
if ( ! $user->has_cap('edit_posts') )
$redirect_to = get_settings('siteurl') . '/wp-admin/profile.php'; $redirect_to = get_settings('siteurl') . '/wp-admin/profile.php';
if ( wp_login($user_login, $user_pass, $using_cookie) ) { if ( wp_login($user_login, $user_pass, $using_cookie) ) {

View File

@ -157,8 +157,8 @@ class wp_xmlrpc_server extends IXR_Server {
return $this->error; return $this->error;
} }
$user_data = get_userdatabylogin($user_login); $user = new WP_User($user_login);
$is_admin = $user_data->user_level > 3; $is_admin = $user->has_cap('level_8');
$struct = array( $struct = array(
'isAdmin' => $is_admin, 'isAdmin' => $is_admin,
@ -295,10 +295,9 @@ class wp_xmlrpc_server extends IXR_Server {
return $this->error; return $this->error;
} }
$user_data = get_userdatabylogin($user_login); $user = new WP_User($user_login);
if ( !$user->has_cap('edit_themes') ) {
if ($user_data->user_level < 3) { return new IXR_Error(401, 'Sorry, this user can not edit the template.');
return new IXR_Error(401, 'Sorry, users whose level is less than 3, can not edit the template.');
} }
/* warning: here we make the assumption that the weblog's URI is on the same server */ /* warning: here we make the assumption that the weblog's URI is on the same server */
@ -331,10 +330,9 @@ class wp_xmlrpc_server extends IXR_Server {
return $this->error; return $this->error;
} }
$user_data = get_userdatabylogin($user_login); $user = new WP_User($user_login);
if ( !$user->has_cap('edit_themes') ) {
if ($user_data->user_level < 3) { return new IXR_Error(401, 'Sorry, this user can not edit the template.');
return new IXR_Error(401, 'Sorry, users whose level is less than 3, can not edit the template.');
} }
/* warning: here we make the assumption that the weblog's URI is on the same server */ /* warning: here we make the assumption that the weblog's URI is on the same server */
@ -849,9 +847,9 @@ class wp_xmlrpc_server extends IXR_Server {
return $this->error; return $this->error;
} }
if(get_settings('fileupload_minlevel') > $user_data->user_level) { $user = new WP_User($user_login);
// User has not enough privileges if ( !$user->has_cap('upload_files') ) {
logIO('O', '(MW) Not enough privilege: user level too low'); logIO('O', '(MW) User does not have upload_files capability');
$this->error = new IXR_Error(401, 'You are not allowed to upload files to this site.'); $this->error = new IXR_Error(401, 'You are not allowed to upload files to this site.');
return $this->error; return $this->error;
} }