Commit Graph

33 Commits

Author SHA1 Message Date
Felix Arntz 21f18c2d30 Multisite: Initialize a user's roles correctly when setting them up for a different site.
While it has always been possible to initialize a user's roles and capabilities for another site than the current one in a multisite, the actual roles available were not switched prior to this change, possibly causing invalid roles to show up or actually valid capabilities not being available.

In order to fix this bug in a clean way, relevant parts of the `WP_User` class have been refactored. The ID of the site for which capabilities are currently initialized are now stored in a private property `WP_User::$site_id`. The `WP_User::for_blog( $blog_id )` and `WP_User::_init_caps( $cap_key )` methods have been deprecated in favor of `WP_User::for_site( $site_id )`. In addition, a new method `WP_User::get_site_id()` has been introduced to retrieve the site ID for which the user's capabilities are currently initialized.

Props ryanduff, jeremyfelt, flixos90.
Fixes #36961.

Built from https://develop.svn.wordpress.org/trunk@41624


git-svn-id: http://core.svn.wordpress.org/trunk@41459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 21:10:45 +00:00
Weston Ruter 90bedf8f9d Editor: Add CodeMirror-powered code editor with syntax highlighting, linting, and auto-completion.
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.

Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes #12423, #39892.

Built from https://develop.svn.wordpress.org/trunk@41376


git-svn-id: http://core.svn.wordpress.org/trunk@41209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-13 06:08:47 +00:00
John Blackbourn 152f5410ac Docs: Clarify some terminology around meta capabilities, primitive capabilities, and roles.
See #41017

Built from https://develop.svn.wordpress.org/trunk@41366


git-svn-id: http://core.svn.wordpress.org/trunk@41199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-10 22:51:43 +00:00
Drew Jaynes 0860bb2771 Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes.
Prior to about 2013, many class methods lacked even access modifiers which made the `@access` notations that much more useful. Now that we've gotten to a point where the codebase is more mature from a maintenance perspective and we can finally remove these notations. Notable exceptions to this change include standalone functions notated as private as well as some classes still considered to represent "private" APIs.

See #41452.

Built from https://develop.svn.wordpress.org/trunk@41162


git-svn-id: http://core.svn.wordpress.org/trunk@41002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 00:41:44 +00:00
Peter Wilson 2b25a87d1b Capabilities: Prevent users having the `do_not_allow` capability.
Meta capabilities use the capability `do_not_allow` to indicate a user should be blocked from performing a particular action. This ensures users can not have the capability as it would cause unexpected behaviour.

Props johnbillion.
Fixes #41059.


Built from https://develop.svn.wordpress.org/trunk@40993


git-svn-id: http://core.svn.wordpress.org/trunk@40843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-02 05:16:45 +00:00
Sergey Biryukov b971410d2f Docs: Correct `@access` entry for `WP_User::filter` property.
Add missing `@since` entries for `WP_User::back_compat_keys` and `WP_User::init()`.

Props keesiemeijer, prosti.
Fixes #39502, #39278.
Built from https://develop.svn.wordpress.org/trunk@39735


git-svn-id: http://core.svn.wordpress.org/trunk@39675 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-06 22:09:55 +00:00
Gary Pendergast af69f4ab1a General: Restore usage of `$wpdb`, instead of `$this->db`.
Hiding the `$wpdb` global behind a property decreases the readability of the code, as well as causing irrelevant output when dumping an object.

Reverts [38275], [38278], [38279], [38280], [38387].
See #37699.


Built from https://develop.svn.wordpress.org/trunk@38768


git-svn-id: http://core.svn.wordpress.org/trunk@38711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-10 06:38:31 +00:00
Pascal Birchler 4a88d55054 I18N: Introduce a user-specific language setting.
By enabling the user to select their preferred locale when editing the profile, we allow for greater personalization of the WordPress admin and therefore a better user experience.

The back end will be displayed in the user's individual locale while the locale used on the front end equals the one set for the whole site. If the user didn't specify a locale, the site's locale will be used as a fallback. The new `locale` property of the `WP_User` class can be used to retrieve the user's locale setting.

Props ocean90, ipm-frommen, swissspidy.
Fixes #29783.
Built from https://develop.svn.wordpress.org/trunk@38705


git-svn-id: http://core.svn.wordpress.org/trunk@38648 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-03 07:04:29 +00:00
Scott Taylor b55b6a03f4 Users: after [38317], use a `@property` annotation, instead of a `public` field.
See #37771.

Built from https://develop.svn.wordpress.org/trunk@38319


git-svn-id: http://core.svn.wordpress.org/trunk@38260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-22 22:15:29 +00:00
Scott Taylor 7466118616 Users: `$user_level` has been publicly-accessed on instances of `WP_User` since version 2.0, but is has never been declared.
See #37771.

Built from https://develop.svn.wordpress.org/trunk@38317


git-svn-id: http://core.svn.wordpress.org/trunk@38258 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-22 21:41:28 +00:00
Scott Taylor e7ffad7fac Query: add a `protected` field, `$db`, (composition, as it were) to `WP_*_Query` classes to hold the value for the database abstraction, instead of importing the `global $wpdb` into every method that uses it. Reduces the number of global imports by 32.
See #37699.

Built from https://develop.svn.wordpress.org/trunk@38275


git-svn-id: http://core.svn.wordpress.org/trunk@38216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-18 18:21:31 +00:00
Sergey Biryukov 139387b7e5 Docs: Use 3-digit, x.x.x-style semantic versioning for `_doing_it_wrong()`, `_deprecated_function()`, `_deprecated_argument()`, and `_deprecated_file()` throughout core.
Props metodiew.
Fixes #36495.
Built from https://develop.svn.wordpress.org/trunk@37985


git-svn-id: http://core.svn.wordpress.org/trunk@37926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-06 12:40:29 +00:00
Drew Jaynes b1804afeaf Docs: Standardize on 'backward compatibility/compatible' nomenclature in core inline docs.
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.

Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.

Props ocean90.
Fixes #36835.

Built from https://develop.svn.wordpress.org/trunk@37431


git-svn-id: http://core.svn.wordpress.org/trunk@37397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-13 18:41:31 +00:00
Eric Lewis 24adb71a56 Networks and sites: Replace "blog" usage with "site" in docs.
Multisite functions use the term "blog" to refer to what we now call a "site," e.g. `get_current_blog_id()`. These functions are here to stay because of our commitment to backwards compatibility. What we can do is set the documentation straight.

See #35417.

Built from https://develop.svn.wordpress.org/trunk@36417


git-svn-id: http://core.svn.wordpress.org/trunk@36384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-28 03:51:26 +00:00
Eric Lewis 22467e840f Networks and sites: Replace "blog" usage with "site" in docs.
Multisite functions use the term "blog" to refer to what we now call a "site," e.g. `get_current_blog_id()`. These functions are here to stay because of our commitment to backwards compatibility. What we can do is set the documentation straight.

See #35417.

Built from https://develop.svn.wordpress.org/trunk@36416


git-svn-id: http://core.svn.wordpress.org/trunk@36383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-28 03:35:27 +00:00
Drew Jaynes 2dda796547 Docs: Add variadic markers to the optional `$object_id` parameter notation for `WP_User::has_cap()`.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@35954


git-svn-id: http://core.svn.wordpress.org/trunk@35918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-16 05:32:28 +00:00
Drew Jaynes 626549448a Docs: Move an inline comment that was preventing the hook docs for the `user_has_cap` filter from being parsed.
Props ocean90.
Fixes #34639.

Built from https://develop.svn.wordpress.org/trunk@35598


git-svn-id: http://core.svn.wordpress.org/trunk@35562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-10 06:45:25 +00:00
Sergey Biryukov 77b0fad640 Remove `<code>` tags from translatable strings in `wp-includes/class-wp-user.php`.
Add translator comments.

Props ramiy.
Fixes #34576.
Built from https://develop.svn.wordpress.org/trunk@35548


git-svn-id: http://core.svn.wordpress.org/trunk@35512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-06 00:06:25 +00:00
Drew Jaynes 217b661703 Docs: Add missing descriptions for the `$wpdb` global in DocBlocks all the places.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@35170


git-svn-id: http://core.svn.wordpress.org/trunk@35136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-14 23:44:25 +00:00
Scott Taylor df9c242a5e Users: in `WP_User::__unset()`, don't reset the deprecated prop `id` to `ID`. Still throw the deprecated notice.
Update unit test.

Fixes #20043.

Built from https://develop.svn.wordpress.org/trunk@34466


git-svn-id: http://core.svn.wordpress.org/trunk@34430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-24 00:49:25 +00:00
Drew Jaynes 4ddb22bd09 Docs: The Users subpackage is plural.
See #33701.

Built from https://develop.svn.wordpress.org/trunk@34412


git-svn-id: http://core.svn.wordpress.org/trunk@34376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 13:46:25 +00:00
Drew Jaynes 4e1ca6b1aa Docs: Add a missing access modifier to the declaration for the `WP_User::__unset()` magic method, introduced in [34380].
Also adds missing documentation to the DocBlock.

Fixes #20043.

Built from https://develop.svn.wordpress.org/trunk@34390


git-svn-id: http://core.svn.wordpress.org/trunk@34354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 10:07:23 +00:00
Drew Jaynes 48213a5842 Docs: Fix some syntactical issues and add missing parameter and return descriptions to the DocBlock for the `WP_User::__get()` magic method.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@34389


git-svn-id: http://core.svn.wordpress.org/trunk@34353 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 10:02:24 +00:00
Drew Jaynes fd82198aad Docs: Fix some syntactical issues and add missing parameter and return descriptions to the DocBlock for the `WP_User::__isset()` magic method.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@34388


git-svn-id: http://core.svn.wordpress.org/trunk@34352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 09:59:24 +00:00
Drew Jaynes 16d8ed44a5 Docs: Add a file header to wp-includes/class-wp-user.php, created in [33752].
See #33413.

Built from https://develop.svn.wordpress.org/trunk@34387


git-svn-id: http://core.svn.wordpress.org/trunk@34351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 09:56:25 +00:00
Scott Taylor eb1e8f41a0 Users: add `__unset` to `WP_User`.
Adds unit tests.

Props johnjamesjacoby, MikeHansenMe, wonderboymusic.
Fixes #20043.

Built from https://develop.svn.wordpress.org/trunk@34380


git-svn-id: http://core.svn.wordpress.org/trunk@34344 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 05:00:24 +00:00
Scott Taylor d093242095 Users: clarify the docs for `WP_User::__set` to make it clear that it does save data in the database.
Props johnpbloch.
Fixes #24255.

Built from https://develop.svn.wordpress.org/trunk@34379


git-svn-id: http://core.svn.wordpress.org/trunk@34343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 04:56:24 +00:00
Drew Jaynes a7ea95f53a Docs: Add documentation for `$object_id`, the optional second parameter in `current_user_can()` and `WP_User::has_cap()`, and the optional third parameter in `map_meta_cap()`.
This change introduces the vernacular of "meta" vs "primitive" capabilities to core docs, and providing examples for each inline and attempts to make it clear that `$object_id` is really only useful if the passed `$capability` is of the meta cap variety.

Props jliman for the initial patch.
Fixes #32694.

Built from https://develop.svn.wordpress.org/trunk@34224


git-svn-id: http://core.svn.wordpress.org/trunk@34188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-16 07:36:32 +00:00
Boone Gorges ef474c6970 Accept 'ID' as a valid `$field` in `get_user_by()`.
We already accept 'id'. `ID` more closely matches the database and
`WP_User` schemas.

Props Shelob9.
Fixes #33869.
Built from https://develop.svn.wordpress.org/trunk@34125


git-svn-id: http://core.svn.wordpress.org/trunk@34093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 18:58:26 +00:00
Scott Taylor 7ef604c052 Ensure that `role` is not empty before adding it in `add_role()` function and methods.
Props MikeHansenMe, dannydehaan, michielhab.
Fixes #23746.

Built from https://develop.svn.wordpress.org/trunk@33967


git-svn-id: http://core.svn.wordpress.org/trunk@33936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 03:42:25 +00:00
Scott Taylor 8879565c0a In `WP_User`, add `@property` docs for `description`, `first_name`, and `last_name`. `user_firstname` and `user_lastname` only exist for back-compat.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@33958


git-svn-id: http://core.svn.wordpress.org/trunk@33927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 01:13:24 +00:00
Drew Jaynes 05c7abcf13 Docs: Add missing parameter documentation to the the DocBlock for `WP_User::__set()`.
Props racase for the initial patch.
Fixes #33652.

Built from https://develop.svn.wordpress.org/trunk@33847


git-svn-id: http://core.svn.wordpress.org/trunk@33815 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-01 21:47:21 +00:00
Scott Taylor df1c0c2363 Roles: move classes into their own file. `capbilities.php` loads the new files, so this is 100% BC if someone is loading `capbilities.php` directly. New files created using `svn cp`.
Creates: 
`class-wp-roles.php` 
`class-wp-role.php` 
`class-wp-user.php` 
`capbilities-functions.php` 

`capbilities.php` contains only top-level code. Class files only contains classes. Functions file only contains functions.

See #33413.

Built from https://develop.svn.wordpress.org/trunk@33752


git-svn-id: http://core.svn.wordpress.org/trunk@33720 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-26 04:58:21 +00:00