First scratch at Taxonomy Capabilities. See #12035
git-svn-id: http://svn.automattic.com/wordpress/trunk@12833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
01f0afcd21
commit
32adec13a9
|
@ -204,7 +204,7 @@ function _wp_ajax_add_hierarchical_term() {
|
|||
$action = $_POST['action'];
|
||||
$taxonomy = get_taxonomy(substr($action, 4));
|
||||
check_ajax_referer( $action );
|
||||
if ( !current_user_can( 'manage_categories' ) )
|
||||
if ( !current_user_can( $taxonomy->manage_cap ) )
|
||||
die('-1');
|
||||
$names = explode(',', $_POST['new'.$taxonomy->name]);
|
||||
$parent = isset($_POST['new'.$taxonomy->name.'_parent']) ? (int) $_POST['new'.$taxonomy->name.'_parent'] : 0;
|
||||
|
@ -329,10 +329,12 @@ case 'delete-cat' :
|
|||
case 'delete-tag' :
|
||||
$tag_id = (int) $_POST['tag_ID'];
|
||||
check_ajax_referer( "delete-tag_$tag_id" );
|
||||
if ( !current_user_can( 'manage_categories' ) )
|
||||
die('-1');
|
||||
|
||||
$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : 'post_tag';
|
||||
$tax = get_taxonomy($taxonomy);
|
||||
|
||||
if ( !current_user_can( $tax->delete_cap ) )
|
||||
die('-1');
|
||||
|
||||
$tag = get_term( $tag_id, $taxonomy );
|
||||
if ( !$tag || is_wp_error( $tag ) )
|
||||
|
@ -599,10 +601,13 @@ case 'add-link-cat' : // From Blogroll -> Categories
|
|||
break;
|
||||
case 'add-tag' : // From Manage->Tags
|
||||
check_ajax_referer( 'add-tag' );
|
||||
if ( !current_user_can( 'manage_categories' ) )
|
||||
die('-1');
|
||||
|
||||
$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : 'post_tag';
|
||||
$tax = get_taxonomy($taxonomy);
|
||||
|
||||
if ( !current_user_can( $tax->edit_cap ) )
|
||||
die('-1');
|
||||
|
||||
$tag = wp_insert_term($_POST['tag-name'], $taxonomy, $_POST );
|
||||
|
||||
if ( !$tag || is_wp_error($tag) || (!$tag = get_term( $tag['term_id'], $taxonomy )) ) {
|
||||
|
@ -1175,7 +1180,12 @@ case 'inline-save':
|
|||
case 'inline-save-tax':
|
||||
check_ajax_referer( 'taxinlineeditnonce', '_inline_edit' );
|
||||
|
||||
if ( ! current_user_can('manage_categories') )
|
||||
$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : false;
|
||||
if ( ! $taxonomy )
|
||||
die( __('Cheatin’ uh?') );
|
||||
$tax = get_taxonomy($taxonomy);
|
||||
|
||||
if ( ! current_user_can( $tax->edit_cap ) )
|
||||
die( __('Cheatin’ uh?') );
|
||||
|
||||
if ( ! isset($_POST['tax_ID']) || ! ( $id = (int) $_POST['tax_ID'] ) )
|
||||
|
|
|
@ -97,10 +97,13 @@ foreach ( get_object_taxonomies($post_type) as $tax_name ) {
|
|||
$taxonomy = get_taxonomy($tax_name);
|
||||
$label = isset($taxonomy->label) ? esc_attr($taxonomy->label) : $tax_name;
|
||||
|
||||
if ( !current_user_can($taxonomy->manage_cap) )
|
||||
continue;
|
||||
|
||||
if ( !is_taxonomy_hierarchical($tax_name) )
|
||||
add_meta_box('tagsdiv-' . $tax_name, $label, 'post_tags_meta_box', $post_type, 'side', 'core');
|
||||
else
|
||||
add_meta_box($tax_name.'div', $label, 'post_categories_meta_box', 'post', 'side', 'core', array( 'taxonomy' => $tax_name ));
|
||||
add_meta_box($tax_name . 'div', $label, 'post_categories_meta_box', 'post', 'side', 'core', array( 'taxonomy' => $tax_name ));
|
||||
}
|
||||
|
||||
if ( post_type_supports($post_type, 'page-attributes') )
|
||||
|
|
|
@ -19,6 +19,8 @@ if ( empty($taxonomy) )
|
|||
if ( !is_taxonomy($taxonomy) )
|
||||
wp_die(__('Invalid taxonomy'));
|
||||
|
||||
$tax = get_taxonomy($taxonomy);
|
||||
|
||||
if ( empty($post_type) || !in_array( $post_type, get_post_types( array('_show' => true) ) ) )
|
||||
$post_type = 'post';
|
||||
|
||||
|
@ -39,7 +41,7 @@ case 'add-tag':
|
|||
|
||||
check_admin_referer('add-tag');
|
||||
|
||||
if ( !current_user_can('manage_categories') )
|
||||
if ( !current_user_can($tax->edit_cap) )
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
|
||||
$ret = wp_insert_term($_POST['tag-name'], $taxonomy, $_POST);
|
||||
|
@ -60,7 +62,7 @@ case 'delete':
|
|||
$tag_ID = (int) $_GET['tag_ID'];
|
||||
check_admin_referer('delete-tag_' . $tag_ID);
|
||||
|
||||
if ( !current_user_can('manage_categories') )
|
||||
if ( !current_user_can($tax->delete_cap) )
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
|
||||
wp_delete_term( $tag_ID, $taxonomy);
|
||||
|
@ -80,7 +82,7 @@ break;
|
|||
case 'bulk-delete':
|
||||
check_admin_referer('bulk-tags');
|
||||
|
||||
if ( !current_user_can('manage_categories') )
|
||||
if ( !current_user_can($tax->delete_cap) )
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
|
||||
$tags = (array) $_GET['delete_tags'];
|
||||
|
@ -115,7 +117,7 @@ case 'editedtag':
|
|||
$tag_ID = (int) $_POST['tag_ID'];
|
||||
check_admin_referer('update-tag_' . $tag_ID);
|
||||
|
||||
if ( !current_user_can('manage_categories') )
|
||||
if ( !current_user_can($tax->edit_cap) )
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
|
||||
$ret = wp_update_term($tag_ID, $taxonomy, $_POST);
|
||||
|
@ -142,10 +144,8 @@ if ( isset($_GET['_wp_http_referer']) && ! empty($_GET['_wp_http_referer']) ) {
|
|||
exit;
|
||||
}
|
||||
|
||||
$can_manage = current_user_can('manage_categories');
|
||||
|
||||
wp_enqueue_script('admin-tags');
|
||||
if ( $can_manage )
|
||||
if ( current_user_can($tax->edit_cap) )
|
||||
wp_enqueue_script('inline-edit-tax');
|
||||
|
||||
require_once ('admin-header.php');
|
||||
|
@ -249,10 +249,7 @@ if ( $page_links )
|
|||
</tfoot>
|
||||
|
||||
<tbody id="the-list" class="list:tag">
|
||||
<?php
|
||||
|
||||
$count = tag_rows( $pagenum, $tags_per_page, $searchterms, $taxonomy );
|
||||
?>
|
||||
<?php tag_rows( $pagenum, $tags_per_page, $searchterms, $taxonomy ); ?>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
|
@ -284,15 +281,15 @@ if ( $page_links )
|
|||
<div class="tagcloud">
|
||||
<h3><?php _e('Popular Tags'); ?></h3>
|
||||
<?php
|
||||
if ( $can_manage )
|
||||
if ( current_user_can($tax->edit_cap) )
|
||||
wp_tag_cloud(array('taxonomy' => $taxonomy, 'link' => 'edit'));
|
||||
else
|
||||
wp_tag_cloud(array('taxonomy' => $taxonomy));
|
||||
?>
|
||||
</div>
|
||||
|
||||
<?php if ( $can_manage ) {
|
||||
do_action('add_tag_form_pre'); ?>
|
||||
<?php if ( current_user_can($tax->edit_cap) ) {
|
||||
do_action('add_tag_form_pre', $taxonomy); ?>
|
||||
|
||||
<div class="form-wrap">
|
||||
<h3><?php _e('Add a New Tag'); ?></h3>
|
||||
|
@ -327,7 +324,7 @@ else
|
|||
</div>
|
||||
|
||||
<p class="submit"><input type="submit" class="button" name="submit" id="submit" value="<?php esc_attr_e('Add Tag'); ?>" /></p>
|
||||
<?php do_action('add_tag_form'); ?>
|
||||
<?php do_action('add_tag_form', $taxonomy); ?>
|
||||
</form></div>
|
||||
<?php } ?>
|
||||
|
||||
|
|
|
@ -239,6 +239,8 @@ if ( !in_array( $post->post_status, array('publish', 'future', 'private') ) || 0
|
|||
function post_tags_meta_box($post, $box) {
|
||||
$tax_name = esc_attr(substr($box['id'], 8));
|
||||
$taxonomy = get_taxonomy($tax_name);
|
||||
if ( !current_user_can($taxonomy->manage_cap) )
|
||||
return;
|
||||
$helps = isset($taxonomy->helps) ? esc_attr($taxonomy->helps) : __('Separate tags with commas.');
|
||||
?>
|
||||
<div class="tagsdiv" id="<?php echo $tax_name; ?>">
|
||||
|
@ -275,6 +277,10 @@ function post_categories_meta_box( $post, $box ) {
|
|||
else
|
||||
$args = $box['args'];
|
||||
extract( wp_parse_args($args, $defaults), EXTR_SKIP );
|
||||
$tax = get_taxonomy($taxonomy);
|
||||
|
||||
if ( !current_user_can($tax->manage_cap) )
|
||||
return;
|
||||
?>
|
||||
<div id="taxonomy-<?php echo $taxonomy; ?>" class="categorydiv">
|
||||
<ul id="<?php echo $taxonomy; ?>-tabs" class="category-tabs">
|
||||
|
@ -294,7 +300,7 @@ function post_categories_meta_box( $post, $box ) {
|
|||
</ul>
|
||||
</div>
|
||||
|
||||
<?php if ( current_user_can('manage_categories') ) : ?>
|
||||
<?php if ( current_user_can($tax->edit_cap) ) : ?>
|
||||
<div id="<?php echo $taxonomy; ?>-adder" class="wp-hidden-children">
|
||||
<h4><a id="<?php echo $taxonomy; ?>-add-toggle" href="#<?php echo $taxonomy; ?>-add" class="hide-if-no-js" tabindex="3"><?php _e( '+ Add New Category' ); ?></a></h4>
|
||||
<p id="<?php echo $taxonomy; ?>-add" class="category-add wp-hidden-child">
|
||||
|
|
|
@ -211,7 +211,8 @@ function _cat_row( $category, $level, $name_override = false ) {
|
|||
*/
|
||||
function inline_edit_term_row($type, $taxonomy) {
|
||||
|
||||
if ( ! current_user_can( 'manage_categories' ) )
|
||||
$tax = get_taxonomy($taxonomy);
|
||||
if ( ! current_user_can( $tax->edit_cap ) )
|
||||
return;
|
||||
|
||||
$columns = get_column_headers($type);
|
||||
|
@ -678,16 +679,22 @@ function _tag_row( $tag, $level, $class = '', $taxonomy = 'post_tag' ) {
|
|||
$tagsel = 'category_name';
|
||||
else
|
||||
$tagsel = $taxonomy;
|
||||
|
||||
$tax = get_taxonomy($taxonomy);
|
||||
|
||||
$count = ( $count > 0 ) ? "<a href='edit.php?$tagsel=$tag->slug'>$count</a>" : $count;
|
||||
|
||||
$pad = str_repeat( '— ', max(0, $level) );
|
||||
$name = apply_filters( 'term_name', $pad . ' ' . $tag->name );
|
||||
$qe_data = get_term($tag->term_id, $taxonomy, object, 'edit');
|
||||
$edit_link = "edit-tags.php?action=edit&taxonomy=$taxonomy&tag_ID=$tag->term_id";
|
||||
|
||||
$out = '';
|
||||
$out .= '<tr id="tag-' . $tag->term_id . '"' . $class . '>';
|
||||
|
||||
$columns = get_column_headers('edit-tags');
|
||||
$hidden = get_hidden_columns('edit-tags');
|
||||
$default_term = get_option('default_' . $taxonomy);
|
||||
foreach ( $columns as $column_name => $column_display_name ) {
|
||||
$class = "class=\"$column_name column-$column_name\"";
|
||||
|
||||
|
@ -699,7 +706,7 @@ function _tag_row( $tag, $level, $class = '', $taxonomy = 'post_tag' ) {
|
|||
|
||||
switch ($column_name) {
|
||||
case 'cb':
|
||||
if ( $tag->term_id != get_option('default_' . $taxonomy) )
|
||||
if ( current_user_can($tax->delete_cap) && $tag->term_id != $default_term )
|
||||
$out .= '<th scope="row" class="check-column"> <input type="checkbox" name="delete_tags[]" value="' . $tag->term_id . '" /></th>';
|
||||
else
|
||||
$out .= '<th scope="row" class="check-column"> </th>';
|
||||
|
@ -707,9 +714,11 @@ function _tag_row( $tag, $level, $class = '', $taxonomy = 'post_tag' ) {
|
|||
case 'name':
|
||||
$out .= '<td ' . $attributes . '><strong><a class="row-title" href="' . $edit_link . '" title="' . esc_attr(sprintf(__('Edit “%s”'), $name)) . '">' . $name . '</a></strong><br />';
|
||||
$actions = array();
|
||||
$actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>';
|
||||
$actions['inline hide-if-no-js'] = '<a href="#" class="editinline">' . __('Quick Edit') . '</a>';
|
||||
if ( $tag->term_id != get_option('default_' . $taxonomy) )
|
||||
if ( current_user_can($tax->edit_cap) ) {
|
||||
$actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>';
|
||||
$actions['inline hide-if-no-js'] = '<a href="#" class="editinline">' . __('Quick Edit') . '</a>';
|
||||
}
|
||||
if ( current_user_can($tax->delete_cap) && $tag->term_id != $default_term )
|
||||
$actions['delete'] = "<a class='delete-tag' href='" . wp_nonce_url("edit-tags.php?action=delete&taxonomy=$taxonomy&tag_ID=$tag->term_id", 'delete-tag_' . $tag->term_id) . "'>" . __('Delete') . "</a>";
|
||||
|
||||
$actions = apply_filters('tag_row_actions', $actions, $tag);
|
||||
|
@ -746,7 +755,7 @@ function _tag_row( $tag, $level, $class = '', $taxonomy = 'post_tag' ) {
|
|||
}
|
||||
}
|
||||
|
||||
$out .= '</tr>';
|
||||
$out .= "</tr>\n";
|
||||
|
||||
return $out;
|
||||
}
|
||||
|
@ -795,7 +804,6 @@ function tag_rows( $page = 1, $pagesize = 20, $searchterms = '', $taxonomy = 'po
|
|||
$out .= _tag_row( $term, 0, ++$count % 2 ? ' class="alternate"' : '', $taxonomy );
|
||||
}
|
||||
|
||||
// filter and send to screen
|
||||
echo $out;
|
||||
return $count;
|
||||
}
|
||||
|
@ -1135,7 +1143,7 @@ function inline_edit_row( $screen ) {
|
|||
?>" style="display: none"><td colspan="<?php echo $col_count; ?>">
|
||||
|
||||
<fieldset class="inline-edit-col-left"><div class="inline-edit-col">
|
||||
<h4><?php echo $bulk ? ( __( 'Bulk Edit' ) ) : __( 'Quick Edit' ); ?></h4>
|
||||
<h4><?php echo $bulk ? __( 'Bulk Edit' ) : __( 'Quick Edit' ); ?></h4>
|
||||
|
||||
|
||||
<?php if ( $bulk ) : ?>
|
||||
|
|
|
@ -15,9 +15,27 @@
|
|||
* Creates the initial taxonomies when 'init' action is fired.
|
||||
*/
|
||||
function create_initial_taxonomies() {
|
||||
register_taxonomy( 'category', 'post', array('hierarchical' => true, 'update_count_callback' => '_update_post_term_count', 'label' => __('Categories'), 'query_var' => false, 'rewrite' => false) ) ;
|
||||
register_taxonomy( 'post_tag', 'post', array('hierarchical' => false, 'update_count_callback' => '_update_post_term_count', 'label' => __('Post Tags'), 'query_var' => false, 'rewrite' => false) ) ;
|
||||
register_taxonomy( 'link_category', 'link', array('hierarchical' => false, 'label' => __('Categories'), 'query_var' => false, 'rewrite' => false) ) ;
|
||||
register_taxonomy( 'category', 'post', array( 'hierarchical' => true,
|
||||
'update_count_callback' => '_update_post_term_count',
|
||||
'label' => __('Categories'),
|
||||
'query_var' => false,
|
||||
'rewrite' => false,
|
||||
'edit_cap' => 'no_priv'
|
||||
) ) ;
|
||||
|
||||
register_taxonomy( 'post_tag', 'post', array(
|
||||
'hierarchical' => false,
|
||||
'update_count_callback' => '_update_post_term_count',
|
||||
'label' => __('Post Tags'),
|
||||
'query_var' => false,
|
||||
'rewrite' => false
|
||||
) ) ;
|
||||
|
||||
register_taxonomy( 'link_category', 'link', array( 'hierarchical' => false,
|
||||
'label' => __('Categories'),
|
||||
'query_var' => false,
|
||||
'rewrite' => false
|
||||
) ) ;
|
||||
}
|
||||
add_action( 'init', 'create_initial_taxonomies', 0 ); // highest priority
|
||||
|
||||
|
@ -167,7 +185,7 @@ function is_taxonomy_hierarchical($taxonomy) {
|
|||
function register_taxonomy( $taxonomy, $object_type, $args = array() ) {
|
||||
global $wp_taxonomies, $wp_rewrite, $wp;
|
||||
|
||||
if (!is_array($wp_taxonomies))
|
||||
if ( ! is_array($wp_taxonomies) )
|
||||
$wp_taxonomies = array();
|
||||
|
||||
$defaults = array('hierarchical' => false, 'update_count_callback' => '', 'rewrite' => true, 'query_var' => true);
|
||||
|
@ -191,6 +209,11 @@ function register_taxonomy( $taxonomy, $object_type, $args = array() ) {
|
|||
$wp_rewrite->add_permastruct($taxonomy, "/{$args['rewrite']['slug']}/%$taxonomy%", $args['rewrite']['with_front']);
|
||||
}
|
||||
|
||||
foreach ( array('manage_cap', 'edit_cap', 'delete_cap') as $cap ) {
|
||||
if ( empty($args[$cap]) )
|
||||
$args[$cap] = 'manage_categories';
|
||||
}
|
||||
|
||||
$args['name'] = $taxonomy;
|
||||
$args['object_type'] = (array) $object_type;
|
||||
$wp_taxonomies[$taxonomy] = (object) $args;
|
||||
|
|
Loading…
Reference in New Issue