Role/capability system. Round one. Props: Owen Winkler

git-svn-id: http://svn.automattic.com/wordpress/trunk@2703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2005-07-11 22:39:50 +00:00
parent 13f492ab75
commit a6ade4a767
7 changed files with 413 additions and 32 deletions

View File

@ -66,7 +66,7 @@ case 'edit':
$post_ID = $p = (int) $_GET['post'];
if ( !user_can_edit_post($user_ID, $post_ID) )
if ( !current_user_can('edit_post', $post_ID) )
die ( __('You are not allowed to edit this post.') );
if ( !user_can_edit_post($user_ID, $post_ID) )

View File

@ -226,8 +226,11 @@ function upgrade_160() {
update_usermeta( $user->ID, 'last_name', $wpdb->escape($user->user_lastname) );
if ( !empty( $user->user_nickname ) )
update_usermeta( $user->ID, 'nickname', $wpdb->escape($user->user_nickname) );
if ( !empty( $user->user_level ) )
if ( !empty( $user->user_level ) ) {
update_usermeta( $user->ID, $table_prefix . 'user_level', $user->user_level );
$role = translate_level_to_role($user->user_level);
update_usermeta( $user->ID, $table_prefix . 'capabilities', array($role => true) );
}
if ( !empty( $user->user_icq ) )
update_usermeta( $user->ID, 'icq', $wpdb->escape($user->user_icq) );
if ( !empty( $user->user_aim ) )
@ -749,4 +752,27 @@ function make_site_theme() {
}
return $template;
}
function translate_level_to_role($level) {
switch ($level) {
case 10:
case 9:
case 8:
return 'publisher';
case 7:
case 6:
case 5:
return 'managing_editor';
case 4:
case 3:
return 'copy_editor';
case 2:
return 'staff_writer';
case 1:
return 'freelancer';
case 0:
return 'visitor';
}
}
?>

View File

@ -216,6 +216,8 @@ function populate_options() {
// 1.5.1
add_option('use_trackback', 0);
populate_roles();
// Delete unused options
$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl', 'weblogs_xml_url');
foreach ($unusedoptions as $option) :
@ -229,4 +231,80 @@ function populate_options() {
endforeach;
}
function populate_roles() {
global $table_prefix;
$roles = array ('administrator' =>
array('name' => __('Administrator'),
'capabilities' => array(
'edit_posts' => true,
'edit_others_posts' => true,
'edit_published_posts' => true,
'publish_posts' => true,
'edit_pages' => true,
'manage_categories' => true,
'manage_links' => true,
'upload_images' => true,
'manage_options' => true,
'switch_themes' => true,
'edit_themes' => true,
'activate_plugins' => true,
'edit_plugins' => true,
'edit_users' => true,
'edit_files' => true,
'read' => true,
'level_10' => true,
'level_9' => true,
'level_8' => true
)),
'editor' =>
array('name' => __('Editor'),
'capabilities' => array(
'edit_posts' => true,
'edit_others_posts' => true,
'edit_published_posts' => true,
'publish_posts' => true,
'edit_pages' => true,
'manage_categories' => true,
'manage_links' => true,
'upload_images' => true,
'read' => true,
'level_7' => true,
'level_6' => true,
'level_5' => true
)),
'author' =>
array('name' => __('Author'),
'capabilities' => array(
'edit_posts' => true,
'publish_posts' => true,
'upload_images' => true,
'read' => true,
'level_2' => true
)),
'contributor' =>
array('name' => __('Contributor'),
'capabilities' => array(
'edit_posts' => true,
'read' => true,
'level_1' => true
)),
'subscriber' =>
array('name' => __('Subscriber'),
'capabilities' => array(
'read' => true,
'level_0' => true
)),
'inactive' =>
array('name' => __('Inactive'),
'capabilities' => array())
);
add_option($table_prefix . 'user_roles', $roles);
}
?>

View File

@ -0,0 +1,263 @@
<?php
class WP_Roles {
var $roles;
var $role_objects = array();
var $role_names = array();
var $role_key;
function WP_Roles() {
global $table_prefix;
$this->role_key = $table_prefix . 'user_roles';
$this->roles = get_option($this->role_key);
if ( empty($this->roles) )
return;
foreach ($this->roles as $role => $data) {
$this->role_objects[$role] = new WP_Role($role, $this->roles[$role]['capabilities']);
$this->role_names[$role] = $this->roles[$role]['name'];
}
}
function add_role($role, $capabilities, $display_name) {
$this->roles[$role] = array('name' => $display_name,
'capabilities' => $capabilities);
update_option($this->role_key, $this->roles);
$this->role_objects[$role] = new WP_Role($role, $capabilities);
$this->role_names[$role] = $display_name;
}
function remove_role($role) {
if ( ! isset($this->role_objects[$role]) )
return;
unset($this->role_objects[$role]);
unset($this->role_names[$role]);
unset($this->roles[$role]);
update_option($this->role_key, $this->roles);
}
function add_cap($role, $cap, $grant) {
$this->roles[$role]['capabilities'][$cap] = $grant;
update_option($this->role_key, $this->roles);
}
function remove_cap($role, $cap) {
unset($this->roles[$role]['capabilities'][$cap]);
update_option($this->role_key, $this->roles);
}
function &get_role($role) {
if ( isset($this->role_objects[$role]) )
return $this->role_objects[$role];
else
return null;
}
function get_names() {
return $this->role_names;
}
function is_role($caps)
{
return empty($this->role_names[$cap]);
}
}
class WP_Role {
var $name;
var $capabilities;
function WP_Role($role, $capabilities) {
$this->name = $role;
$this->capabilities = $capabilities;
}
function add_cap($cap, $grant) {
global $wp_roles;
$this->capabilities[$cap] = $grant;
$wp_roles->add_cap($this->name, $cap);
}
function remove_cap($cap) {
global $wp_roles;
unset($this->capabilities[$cap]);
$wp_roles->remove_cap($this->name, $cap);
}
function has_cap($cap) {
if ( !empty($this->capabilities[$cap]) )
return $this->capabilities[$cap];
else
return false;
}
}
class WP_User {
var $data;
var $id;
var $caps;
var $cap_key;
var $roles;
var $allcaps;
function WP_User($id) {
global $wp_roles, $table_prefix;
$this->id = $id;
$this->data = get_userdata($id);
$this->cap_key = $table_prefix . 'capabilities';
$this->caps = &$this->data->{$this->cap_key};
$this->get_role_caps();
}
function get_role_caps() {
global $wp_roles;
//Filter out caps that are not role names and assign to $this->roles
if(is_array($this->caps))
$this->roles = array_filter($this->caps, array(&$wp_roles, 'is_role'));
//Build $allcaps from role caps, overlay user's $caps
$this->allcaps = array();
foreach($this->roles as $role => $value) {
$role = $wp_roles->get_role($role);
$this->allcaps = array_merge($this->allcaps, $role->capabilities);
}
$this->allcaps = array_merge($this->allcaps, $this->caps);
}
function add_role($role) {
$this->caps[$role] = true;
update_usermeta($this->id, $this->cap_key, $this->caps);
$this->get_role_caps();
$this->update_user_level_from_caps();
}
function remove_role($role) {
if(!empty($this->roles[$role]) && (count($this->roles) > 1))
unset($this->caps[$cap]);
update_usermeta($this->id, $this->cap_key, $this->caps);
$this->get_role_caps();
}
function set_role($role) {
foreach($this->roles as $oldrole => $value)
unset($this->caps[$oldrole]);
$this->caps[$role] = true;
$this->roles = array($role => true);
update_usermeta($this->id, $this->cap_key, $this->caps);
$this->get_role_caps();
$this->update_user_level_from_caps();
}
function level_reduction($max, $item) {
if(preg_match('/^level_(10|[0-9])$/i', $item, $matches)) {
$level = intval($matches[1]);
return max($max, $level);
} else {
return $max;
}
}
function update_user_level_from_caps() {
global $table_prefix;
$this->data->user_level = array_reduce(array_keys($this->allcaps), array(&$this, 'level_reduction'), 0);
update_usermeta($this->id, $table_prefix.'user_level', $this->data->user_level);
}
function add_cap($cap, $grant = true) {
$this->caps[$cap] = $grant;
update_usermeta($this->id, $this->cap_key, $this->caps);
}
function remove_cap($cap) {
if(!empty($this->roles[$role])) return;
unset($this->caps[$cap]);
update_usermeta($this->id, $this->cap_key, $this->caps);
}
//has_cap(capability_or_role_name) or
//has_cap('edit_post', post_id)
function has_cap($cap) {
global $wp_roles;
if ( is_numeric($cap) )
$cap = $this->translate_level_to_cap($cap);
$args = array_slice(func_get_args(), 1);
$args = array_merge(array($cap, $this->id), $args);
$caps = call_user_func_array('map_meta_cap', $args);
// Must have ALL requested caps
foreach ($caps as $cap) {
//echo "Checking cap $cap<br/>";
if(empty($this->allcaps[$cap]) || !$this->allcaps[$cap])
return false;
}
return true;
}
function translate_level_to_cap($level) {
return 'level_' . $level;
}
}
// Map meta capabilities to primitive capabilities.
function map_meta_cap($cap, $user_id) {
$args = array_slice(func_get_args(), 2);
$caps = array();
switch ($cap) {
// edit_post breaks down to edit_posts, edit_published_posts, or
// edit_others_posts
case 'edit_post':
$author_data = get_userdata($user_id);
//echo "post ID: {$args[0]}<br/>";
$post = get_post($args[0]);
$post_author_data = get_userdata($post->post_author);
//echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br/>";
// If the user is the author...
if ($user_id == $post_author_data->ID) {
// If the post is published...
if ($post->post_status == 'publish')
$caps[] = 'edit_published_posts';
else
// If the post is draft...
$caps[] = 'edit_posts';
} else {
// The user is trying to edit someone else's post.
$caps[] = 'edit_others_posts';
// The post is published, extra cap required.
if ($post->post_status == 'publish')
$caps[] = 'edit_published_posts';
}
break;
default:
// If no meta caps match, return the original cap.
$caps[] = $cap;
}
return $caps;
}
// Capability checking wrapper around the global $current_user object.
function current_user_can($capability) {
global $current_user;
$args = array_slice(func_get_args(), 1);
$args = array_merge(array($capability), $args);
if ( empty($current_user) )
return false;
return call_user_func_array(array(&$current_user, 'has_cap'), $args);
}
?>

View File

@ -1218,32 +1218,11 @@ function update_post_caches(&$posts) {
function update_category_cache() {
global $cache_categories, $wpdb;
$dogs = $wpdb->get_results("SELECT * FROM $wpdb->categories");
foreach ($dogs as $catt)
$cache_categories[$catt->cat_ID] = $catt;
}
function update_user_cache() {
global $cache_userdata, $wpdb;
$level_key = $wpdb->prefix . 'user_level';
$user_ids = $wpdb->get_col("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'");
$user_ids = join(',', $user_ids);
$query = apply_filters('user_cache_query', "SELECT * FROM $wpdb->users WHERE ID IN ($user_ids)");
if ( $users = $wpdb->get_results( $query ) ) :
foreach ($users as $user) :
$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user->ID'");
foreach ( $metavalues as $meta ) {
$user->{$meta->meta_key} = $meta->meta_value;
// We need to set user_level from meta, not row
if ( $wpdb->prefix . 'user_level' == $meta->meta_key )
$user->user_level = $meta->meta_value;
}
$cache_userdata[$user->ID] = $user;
$cache_userdata[$user->user_login] =& $cache_userdata[$user->ID];
endforeach;
if($dogs = $wpdb->get_results("SELECT * FROM $wpdb->categories")):
foreach ($dogs as $catt)
$cache_categories[$catt->cat_ID] = $catt;
return true;
else :
else:
return false;
endif;
}
@ -1959,11 +1938,38 @@ function nocache_headers() {
@ header('Pragma: no-cache');
}
function get_usermeta( $user_id, $meta_key = '') {
global $wpdb;
$user_id = (int) $user_id;
if ( !empty($meta_key) ) {
$meta_key = preg_replace('|a-z0-9_|i', '', $meta_key);
$metas = $wpdb->get_results("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id' AND meta_key = '$meta_key'");
} else {
$metas = $wpdb->get_results("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id'");
}
foreach ($metas as $index => $meta) {
@ $value = unserialize($meta->meta_key);
if ($value !== FALSE)
$metas[$index]->meta_key = $value;
}
if ( !empty($meta_key) )
return $metas[0];
else
return $metas;
}
function update_usermeta( $user_id, $meta_key, $meta_value ) {
global $wpdb;
if ( !is_numeric( $user_id ) )
return false;
$meta_key = preg_replace('|a-z0-9_|i', '', $meta_key);
if ( is_array($meta_value) || is_object($meta_value) )
$meta_value = serialize($meta_value);
$cur = $wpdb->get_row("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id' AND meta_key = '$meta_key'");
if ( !$cur ) {
$wpdb->query("INSERT INTO $wpdb->usermeta ( user_id, meta_key, meta_value )
@ -1991,4 +1997,4 @@ function plugin_basename($file) {
return preg_replace('/^.*wp-content[\\\\\/]plugins[\\\\\/]/', '', $file);
}
?>
?>

View File

@ -19,7 +19,9 @@ function get_currentuserinfo() {
$user_url = $userdata->user_url;
$user_pass_md5 = md5($userdata->user_pass);
$user_identity = $userdata->display_name;
$current_user = $userdata;
if ( empty($current_user) )
$current_user = new WP_User($user_ID);
}
endif;
@ -29,7 +31,7 @@ function get_userdata( $user_id ) {
$user_id = (int) $user_id;
if ( $user_id == 0 )
return false;
if ( isset( $cache_userdata[$user_id] ) )
return $cache_userdata[$user_id];
@ -39,7 +41,11 @@ function get_userdata( $user_id ) {
$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user_id'");
foreach ( $metavalues as $meta ) {
$user->{$meta->meta_key} = $meta->meta_value;
@ $value = unserialize($meta->meta_value);
if ($value === FALSE)
$value = $meta->meta_value;
$user->{$meta->meta_key} = $value;
// We need to set user_level from meta, not row
if ( $wpdb->prefix . 'user_level' == $meta->meta_key )
$user->user_level = $meta->meta_value;

View File

@ -74,7 +74,7 @@ require (ABSPATH . WPINC . '/default-filters.php');
require_once (ABSPATH . WPINC . '/wp-l10n.php');
$wpdb->hide_errors();
if ( !update_user_cache() && (!strstr($_SERVER['PHP_SELF'], 'install.php') && !defined('WP_INSTALLING')) ) {
if ( !update_category_cache() && (!strstr($_SERVER['PHP_SELF'], 'install.php') && !defined('WP_INSTALLING')) ) {
if ( strstr($_SERVER['PHP_SELF'], 'wp-admin') )
$link = 'install.php';
else
@ -85,6 +85,7 @@ $wpdb->show_errors();
require (ABSPATH . WPINC . '/functions-formatting.php');
require (ABSPATH . WPINC . '/functions-post.php');
require (ABSPATH . WPINC . '/capabilities.php');
require (ABSPATH . WPINC . '/classes.php');
require (ABSPATH . WPINC . '/template-functions-general.php');
require (ABSPATH . WPINC . '/template-functions-links.php');
@ -160,6 +161,7 @@ register_shutdown_function('shutdown_action_hook');
$wp_query = new WP_Query();
$wp_rewrite = new WP_Rewrite();
$wp = new WP();
$wp_roles = new WP_Roles();
// Everything is loaded and initialized.
do_action('init');