Cap migration.
git-svn-id: http://svn.automattic.com/wordpress/trunk@2712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
27174a151b
commit
2f6ae330c0
|
@ -102,16 +102,25 @@ class WP_Role {
|
||||||
|
|
||||||
class WP_User {
|
class WP_User {
|
||||||
var $data;
|
var $data;
|
||||||
var $id;
|
var $id = 0;
|
||||||
var $caps;
|
var $caps = array();
|
||||||
var $cap_key;
|
var $cap_key;
|
||||||
var $roles;
|
var $roles = array();
|
||||||
var $allcaps;
|
var $allcaps = array();
|
||||||
|
|
||||||
function WP_User($id) {
|
function WP_User($id) {
|
||||||
global $wp_roles, $table_prefix;
|
global $wp_roles, $table_prefix;
|
||||||
$this->id = $id;
|
|
||||||
$this->data = get_userdata($id);
|
if ( is_numeric($id) ) {
|
||||||
|
$this->data = get_userdata($id);
|
||||||
|
} else {
|
||||||
|
$this->data = get_userdatabylogin($id);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( empty($this->data->ID) )
|
||||||
|
return;
|
||||||
|
|
||||||
|
$this->id = $this->data->ID;
|
||||||
$this->cap_key = $table_prefix . 'capabilities';
|
$this->cap_key = $table_prefix . 'capabilities';
|
||||||
$this->caps = &$this->data->{$this->cap_key};
|
$this->caps = &$this->data->{$this->cap_key};
|
||||||
$this->get_role_caps();
|
$this->get_role_caps();
|
||||||
|
@ -140,8 +149,9 @@ class WP_User {
|
||||||
}
|
}
|
||||||
|
|
||||||
function remove_role($role) {
|
function remove_role($role) {
|
||||||
if(!empty($this->roles[$role]) && (count($this->roles) > 1))
|
if ( empty($this->roles[$role]) || (count($this->roles) <= 1) )
|
||||||
unset($this->caps[$cap]);
|
return;
|
||||||
|
unset($this->caps[$role]);
|
||||||
update_usermeta($this->id, $this->cap_key, $this->caps);
|
update_usermeta($this->id, $this->cap_key, $this->caps);
|
||||||
$this->get_role_caps();
|
$this->get_role_caps();
|
||||||
}
|
}
|
||||||
|
@ -177,7 +187,7 @@ class WP_User {
|
||||||
}
|
}
|
||||||
|
|
||||||
function remove_cap($cap) {
|
function remove_cap($cap) {
|
||||||
if(!empty($this->roles[$role])) return;
|
if ( empty($this->roles[$cap]) ) return;
|
||||||
unset($this->caps[$cap]);
|
unset($this->caps[$cap]);
|
||||||
update_usermeta($this->id, $this->cap_key, $this->caps);
|
update_usermeta($this->id, $this->cap_key, $this->caps);
|
||||||
}
|
}
|
||||||
|
|
|
@ -532,6 +532,7 @@ function wp_new_comment( $commentdata, $spam = false ) {
|
||||||
|
|
||||||
if ( $user_id ) {
|
if ( $user_id ) {
|
||||||
$userdata = get_userdata($user_id);
|
$userdata = get_userdata($user_id);
|
||||||
|
$user = new WP_User($user_id);
|
||||||
$post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1");
|
$post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -552,7 +553,7 @@ function wp_new_comment( $commentdata, $spam = false ) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( $userdata && ( $user_id == $post_author || $userdata->user_level >= 9 ) ) {
|
if ( $userdata && ( $user_id == $post_author || $user->has_cap('level_9') ) ) {
|
||||||
$approved = 1;
|
$approved = 1;
|
||||||
} else {
|
} else {
|
||||||
if ( check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) )
|
if ( check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) )
|
||||||
|
|
|
@ -26,6 +26,9 @@ function create_user( $username, $password, $email, $user_level ) {
|
||||||
|
|
||||||
$user_level = (int) $user_level;
|
$user_level = (int) $user_level;
|
||||||
update_usermeta( $user_id, $wpdb->prefix . 'user_level', $user_level);
|
update_usermeta( $user_id, $wpdb->prefix . 'user_level', $user_level);
|
||||||
|
$user = new WP_User($user_id);
|
||||||
|
$user->set_role(get_settings('default_role'));
|
||||||
|
|
||||||
return $user_id;
|
return $user_id;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -176,8 +176,9 @@ default:
|
||||||
do_action('wp_authenticate', array(&$user_login, &$user_pass));
|
do_action('wp_authenticate', array(&$user_login, &$user_pass));
|
||||||
|
|
||||||
if ($user_login && $user_pass) {
|
if ($user_login && $user_pass) {
|
||||||
$user = get_userdatabylogin($user_login);
|
$user = new WP_User($user_login);
|
||||||
if ( 0 == $user->user_level )
|
// If the user can't edit posts, send them to their profile.
|
||||||
|
if ( ! $user->has_cap('edit_posts') )
|
||||||
$redirect_to = get_settings('siteurl') . '/wp-admin/profile.php';
|
$redirect_to = get_settings('siteurl') . '/wp-admin/profile.php';
|
||||||
|
|
||||||
if ( wp_login($user_login, $user_pass, $using_cookie) ) {
|
if ( wp_login($user_login, $user_pass, $using_cookie) ) {
|
||||||
|
|
24
xmlrpc.php
24
xmlrpc.php
|
@ -157,8 +157,8 @@ class wp_xmlrpc_server extends IXR_Server {
|
||||||
return $this->error;
|
return $this->error;
|
||||||
}
|
}
|
||||||
|
|
||||||
$user_data = get_userdatabylogin($user_login);
|
$user = new WP_User($user_login);
|
||||||
$is_admin = $user_data->user_level > 3;
|
$is_admin = $user->has_cap('level_8');
|
||||||
|
|
||||||
$struct = array(
|
$struct = array(
|
||||||
'isAdmin' => $is_admin,
|
'isAdmin' => $is_admin,
|
||||||
|
@ -295,10 +295,9 @@ class wp_xmlrpc_server extends IXR_Server {
|
||||||
return $this->error;
|
return $this->error;
|
||||||
}
|
}
|
||||||
|
|
||||||
$user_data = get_userdatabylogin($user_login);
|
$user = new WP_User($user_login);
|
||||||
|
if ( !$user->has_cap('edit_themes') ) {
|
||||||
if ($user_data->user_level < 3) {
|
return new IXR_Error(401, 'Sorry, this user can not edit the template.');
|
||||||
return new IXR_Error(401, 'Sorry, users whose level is less than 3, can not edit the template.');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* warning: here we make the assumption that the weblog's URI is on the same server */
|
/* warning: here we make the assumption that the weblog's URI is on the same server */
|
||||||
|
@ -331,10 +330,9 @@ class wp_xmlrpc_server extends IXR_Server {
|
||||||
return $this->error;
|
return $this->error;
|
||||||
}
|
}
|
||||||
|
|
||||||
$user_data = get_userdatabylogin($user_login);
|
$user = new WP_User($user_login);
|
||||||
|
if ( !$user->has_cap('edit_themes') ) {
|
||||||
if ($user_data->user_level < 3) {
|
return new IXR_Error(401, 'Sorry, this user can not edit the template.');
|
||||||
return new IXR_Error(401, 'Sorry, users whose level is less than 3, can not edit the template.');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* warning: here we make the assumption that the weblog's URI is on the same server */
|
/* warning: here we make the assumption that the weblog's URI is on the same server */
|
||||||
|
@ -849,9 +847,9 @@ class wp_xmlrpc_server extends IXR_Server {
|
||||||
return $this->error;
|
return $this->error;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(get_settings('fileupload_minlevel') > $user_data->user_level) {
|
$user = new WP_User($user_login);
|
||||||
// User has not enough privileges
|
if ( !$user->has_cap('upload_files') ) {
|
||||||
logIO('O', '(MW) Not enough privilege: user level too low');
|
logIO('O', '(MW) User does not have upload_files capability');
|
||||||
$this->error = new IXR_Error(401, 'You are not allowed to upload files to this site.');
|
$this->error = new IXR_Error(401, 'You are not allowed to upload files to this site.');
|
||||||
return $this->error;
|
return $this->error;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue