* @license GPLv3 * @copyright 2020 by Joachim Jensen */ defined('ABSPATH') || exit; final class RUA_App { /** * Plugin version */ const PLUGIN_VERSION = '2.1.3'; /** * Prefix for metadata * Same as wp-content-aware-engine */ const META_PREFIX = '_ca_'; /** * Post Type for restriction */ const TYPE_RESTRICT = 'restriction'; /** * Post type statuses */ const STATUS_ACTIVE = 'publish'; const STATUS_INACTIVE = 'draft'; const STATUS_SCHEDULED = 'future'; /** * Capability to manage restrictions */ const CAPABILITY = 'manage_options'; const BASE_SCREEN = 'wprua'; const ICON_SVG = 'data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgdmlld0JveD0iMCAwIDIwIDIwIj48ZyBmaWxsPSIjYTBhNWFhIj48cGF0aCBkPSJNMTAuMDEyIDE0LjYyNUw1Ljc4IDEyLjI3Yy0xLjkwNi42NjQtMy42MDUgMS43Ni00Ljk4IDMuMTc4IDIuMTA1IDIuNzcgNS40MzYgNC41NiA5LjE4NSA0LjU2IDMuNzY2IDAgNy4xMTItMS44MDIgOS4yMTUtNC41OTMtMS4zOC0xLjQwNC0zLjA3LTIuNDk2LTQuOTctMy4xNTRsLTQuMjE4IDIuMzY3em0tLjAwNS0xNC42M0M3LjQxMi0uMDA1IDUuMzEgMS45MSA1LjMxIDQuMjhoOS4zOTNjMC0yLjM3LTIuMS00LjI4Ni00LjY5Ni00LjI4NnptNi4xMjYgMTAuNzFjLjE1OC0uMDMyLjY0LS4yMzIuNjMtLjMzMy0uMDI1LS4yNC0uNjg2LTUuNTg0LS42ODYtNS41ODRzLS40MjItLjI3LS42ODYtLjI5M2MuMDI0LjIxLjY5IDUuNzYuNzQ1IDYuMjF6bS0xMi4yNTMgMGMtLjE1OC0uMDMyLS42NC0uMjMyLS42My0uMzMzLjAyNS0uMjQuNjg2LTUuNTg0LjY4Ni01LjU4NHMuNDItLjI3LjY4Ni0uMjkzYy0uMDIuMjEtLjY5IDUuNzYtLjc0MiA2LjIxeiIvPjxwYXRoIGQ9Ik0xMCAxMy45NjdoLjAyM2wuOTc1LS41NXYtNC4yMWMuNzgtLjM3NyAxLjMxNC0xLjE3MyAxLjMxNC0yLjA5NyAwLTEuMjg1LTEuMDM1LTIuMzIzLTIuMzItMi4zMjNTNy42NyA1LjgyNSA3LjY3IDcuMTFjMCAuOTIzLjUzNSAxLjcyIDEuMzE1IDIuMDkzVjEzLjRsMS4wMTYuNTY3em0tMS43NjQtLjk4NXYtLjAzNWMwLTMuNjEtMS4zNS02LjU4My0zLjA4My02Ljk2bC0uMDMuMy0uNTIgNC42NyAzLjYzMyAyLjAyNXptMy41Ni0uMDM1YzAgLjAxNCAwIC4wMTguMDAzLjAyM2wzLjYxLTIuMDI1LS41My00LjY4LS4wMjgtLjI3M2MtMS43MjMuNC0zLjA1NyAzLjM2Mi0zLjA1NyA2Ljk1NXoiLz48L2c+PC9zdmc+'; /** * @var array */ private $levels = array(); /** * @var int[] */ private $level_extends_map = array(); /** * @var int[] */ private $level_extended_by_map = array(); /** * @var WP_DB_Updater */ private $db_updater; /** * @var RUA_App */ private static $_instance; /** * @var RUA_Level_Manager */ public $level_manager; public function __construct() { $this->level_manager = new RUA_Level_Manager(); $this->db_updater = new WP_DB_Updater('rua_plugin_version', self::PLUGIN_VERSION); new RUA_Nav_Menu(); if (is_admin()) { new RUA_Level_Overview(); new RUA_Level_Edit(); new RUA_Settings_Page(); add_action( 'admin_enqueue_scripts', array($this,'load_admin_scripts'), 999 ); add_action( 'show_user_profile', array($this,'add_field_access_level') ); add_action( 'edit_user_profile', array($this,'add_field_access_level') ); add_action( 'personal_options_update', array($this,'save_user_profile') ); add_action( 'edit_user_profile_update', array($this,'save_user_profile') ); add_action( 'delete_post', array($this,'sync_level_deletion') ); add_filter( 'manage_users_columns', array($this,'add_user_column_headers') ); add_filter( 'manage_users_custom_column', array($this,'add_user_columns'), 10, 3 ); add_filter( 'cas/metadata/populate', array($this,'add_levels_to_visibility') ); $file = plugin_basename(plugin_dir_path(__FILE__)).'/restrict-user-access.php'; add_filter( 'plugin_action_links_'.$file, array($this,'plugin_action_links'), 10, 4 ); } add_shortcode( 'login-form', array($this,'shortcode_login_form') ); add_filter( 'cas/user_visibility', array($this,'sidebars_check_levels') ); } /** * Instantiates and returns class singleton * * @since 0.1 * @return RUA_App */ public static function instance() { if (!self::$_instance) { self::$_instance = new self(); } return self::$_instance; } /** * @since 1.1 * @return WP_DB_Updater */ public function get_updater() { return $this->db_updater; } /** * Add Levels to sidebar visibility metadata list * * @since 0.12 * @param WPCAObjectManager $metadata */ public function add_levels_to_visibility($metadata) { $visibility = $metadata->get('visibility'); $list = $visibility->get_input_list(); if (isset($list['rua-levels'])) { return $metadata; } $levels = $this->get_levels(); if ($levels) { $options = array(); foreach ($levels as $level) { $options[$level->ID] = $level->post_title; } if (!defined('CAS_App::PLUGIN_VERSION') || version_compare(CAS_App::PLUGIN_VERSION, '3.8', '<')) { $list = $list + $options; } else { $list['rua-levels'] = array( 'label' => __('Access Levels', 'restrict-user-access'), 'options' => $options ); } $visibility->set_input_list($list); } return $metadata; } /** * Check if user level has access to sidebar * * @since 0.12 * @param array $visibility * @return array */ public function sidebars_check_levels($visibility) { $user = rua_get_user(); if (!$user->has_global_access()) { return array_merge($visibility, $user->get_level_ids()); } return array_merge($visibility, array_keys($this->get_levels())); } /** * Get login form in shotcode * * @version 0.9 * @param array $atts * @param string $content * @return string */ public function shortcode_login_form($atts, $content = null) { if (is_user_logged_in()) { return $content; } $a = shortcode_atts(array( 'remember' => true, 'redirect' => '', 'form_id' => 'loginform', 'id_username' => 'user_login', 'id_password' => 'user_pass', 'id_remember' => 'rememberme', 'id_submit' => 'wp-submit', 'label_username' => __('Username'), 'label_password' => __('Password'), 'label_remember' => __('Remember Me'), 'label_log_in' => __('Log In'), 'value_username' => '', 'value_remember' => false ), $atts); $a['echo'] = false; if (!$a['redirect']) { $parts = parse_url(home_url()); $root = "{$parts['scheme']}://{$parts['host']}"; if (isset($parts['port']) && $parts['port']) { $root .= ':'.$parts['port']; } if (isset($_GET['redirect_to'])) { $a['redirect'] = $root.urldecode($_GET['redirect_to']); } else { $a['redirect'] = $root.add_query_arg(null, null); } } return wp_login_form($a); } /** * Add Access Level to user profile * * @since 0.3 * @param WP_User $user */ public function add_field_access_level($user) { if (!current_user_can(self::CAPABILITY) || is_network_admin()) { return; } $rua_user = rua_get_user($user); $user_levels = array(); foreach ($rua_user->level_memberships() as $membership) { if (!$membership->can_add()) { continue; } $user_levels[] = $membership->get_level_id(); } ?>

level_memberships() as $membership) { if (!$membership->can_add()) { continue; } $user_levels[$membership->get_level_id()] = 1; } foreach ($new_levels as $level) { if (isset($user_levels[$level])) { unset($user_levels[$level]); } else { $user->add_level($level); } } foreach ($user_levels as $level => $value) { $user->remove_level($level); } } /** * Add column headers on * User overview * * @since 0.3 * @param array $column */ public function add_user_column_headers($columns) { $new_columns = array(); foreach ($columns as $key => $title) { $new_columns[$key] = $title; if ($key == 'role') { $new_columns['level'] = __('Access Levels', 'restrict-user-access'); } } return $new_columns; } /** * Add columns on user overview * * @since 0.3 * @param string $output * @param string $column_name * @param int $user_id */ public function add_user_columns($output, $column_name, $user_id) { switch ($column_name) { case 'level': $level_links = array(); foreach (rua_get_user($user_id)->level_memberships() as $membership) { $level_links[] = sprintf( '%s%s', get_edit_post_link($membership->get_level_id()), $membership->level()->get_title(), !$membership->is_active() ? ' ('.$membership->get_status().') ' : '' ); } $output = implode(', ', $level_links); break; default: } return $output; } /** * @param int $level_id * * @return int[] */ public function get_level_extends($level_id) { $levels = array(); while (isset($this->level_extends_map[$level_id])) { $level_id = $this->level_extends_map[$level_id]; $levels[] = $level_id; } return $levels; } /** * @param int $level_id * * @return int[] */ public function get_level_extended_by($level_id) { $levels = array(); if (isset($this->level_extended_by_map[$level_id])) { foreach ($this->level_extended_by_map[$level_id] as $level) { $levels[] = $level; $levels = array_merge($levels, $this->get_level_extended_by($level)); } } return $levels; } /** * Get all levels not synced with roles * * @since 0.3 * @return array */ public function get_levels() { if (!$this->levels) { $levels = get_posts(array( 'numberposts' => -1, 'post_type' => self::TYPE_RESTRICT, 'post_status' => array( self::STATUS_ACTIVE, self::STATUS_INACTIVE, self::STATUS_SCHEDULED ), 'update_post_meta_cache' => true )); foreach ($levels as $level) { $this->levels[$level->ID] = $level; if ($level->post_parent) { $this->level_extends_map[$level->ID] = $level->post_parent; if (!isset($this->level_extended_by_map[$level->post_parent])) { $this->level_extended_by_map[$level->post_parent] = array(); } $this->level_extended_by_map[$level->post_parent][] = $level->ID; } } } return $this->levels; } /** * Delete foreign metadata belonging to level * * @since 0.11.1 * @param int $post_id * @return void */ public function sync_level_deletion($post_id) { if (!current_user_can(self::CAPABILITY)) { return; } global $wpdb; //Delete user levels $wpdb->query($wpdb->prepare( "DELETE FROM $wpdb->usermeta WHERE (meta_key = %s AND meta_value = %d) OR meta_key = %s", self::META_PREFIX.'level', $post_id, self::META_PREFIX.'level_'.$post_id )); //Delete nav menu item levels $wpdb->query($wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE meta_key = %s AND meta_value = %d", '_menu_item_level', $post_id )); } /** * Add actions to plugin in Plugins screen * * @version 1.0 * @param array $actions * @param string $plugin_file * @param [type] $plugin_data * @param [type] $context * @return array */ public function plugin_action_links($actions, $plugin_file, $plugin_data, $context) { $new_actions = array(); $new_actions['docs'] = ''.__('Documentation & FAQ', 'restrict-user-access').''; return array_merge($new_actions, $actions); } /** * Load scripts and styles for administration * * @since 0.1 * @param string $hook * @return void */ public function load_admin_scripts($hook) { $current_screen = get_current_screen(); if ($current_screen->id == 'nav-menus' || $current_screen->id == 'user-edit' || $current_screen->id == 'profile') { //todo: enqueue automatically in wpcacore if (wp_script_is('select2', 'registered')) { wp_deregister_script('select2'); } wp_register_script( 'select2', plugins_url('/lib/wp-content-aware-engine/assets/js/select2.min.js', __FILE__), array('jquery'), '4.0.3', false ); wp_enqueue_style(self::META_PREFIX.'condition-groups'); $levels = array(); foreach ($this->get_levels() as $level) { $synced_role = get_post_meta($level->ID, self::META_PREFIX.'role', true); if ($current_screen->id != 'nav-menus' && $synced_role !== '') { continue; } $levels[] = array( 'id' => $level->ID, 'text' => $level->post_title ); } wp_enqueue_script('rua/admin/suggest-levels', plugins_url('/assets/js/suggest-levels.min.js', __FILE__), array('select2','jquery'), self::PLUGIN_VERSION); wp_localize_script('rua/admin/suggest-levels', 'RUA', array( 'search' => __('Search for Levels', 'restrict-user-access'), 'levels' => $levels )); } } }