a659717b by Chris Boden

Added mostly functioning taxonomy attachment handling for PagePermissions. refs #534

1 parent d156e2e7
......@@ -3,7 +3,37 @@ var TzPagePermissions = function() {
var $select;
var $roles;
var oHidden = false;
var init = function($) {
if (TzPagePermissionsData.change_field != '0') {
var oChange = document.getElementById(TzPagePermissionsData.change_field);
var sVal = oChange.value;
var oContainer = oChange.parentNode;
oContainer.removeChild(oChange);
oContainer.innerHTML = decodeURIComponent(TzPagePermissionsData.innerHTML);
oHidden = document.createElement('input');
oHidden.type = 'hidden';
oHidden.value = sVal;
oHidden.id = TzPagePermissionsData.change_field;
oHidden.name = TzPagePermissionsData.change_field;
oContainer.appendChild(oHidden);
var $Sel = $('#' + TzPagePermissionsData.trigger);
$Sel.change(updateHidden);
/*
var Els = document.getElementsByTagName('form')[0].elements;
for (var i = 0, iLen = Els.length; i < iLen; i++) {
if ($(Els[i]).parent(oContainer)) {
// console.log(Els[i]);
}
}
*/
}
oSel = document.getElementById(TzPagePermissionsData.trigger);
if (!oSel) {
return;
......@@ -15,6 +45,10 @@ var TzPagePermissions = function() {
checkSetting();
}
var updateHidden = function() {
oHidden.value = oSel.options[oSel.selectedIndex].value;
}
var checkSetting = function() {
var iVal = oSel.options[oSel.selectedIndex].value;
if (iVal == TzPagePermissionsData.focus) {
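Review bot: The new block at the top of `init` dereferences `oChange` without checking it, so when `TzPagePermissionsData.change_field` names an element that is not on the page, `oChange.value` throws and the rest of `init` (the `oSel` lookup and `checkSetting()`) never runs. Look the element up first and enter the replacement block only when it exists, e.g. `var oChange = document.getElementById(TzPagePermissionsData.change_field);` followed by `if (oChange) {`. The markup written by `oContainer.innerHTML = decodeURIComponent(TzPagePermissionsData.innerHTML)` is only as safe as the server-side template that rendered it, so that template should escape every stored value it prints. The commented-out loop over the form elements can be dropped, and note that `init` continues past the end of the first hunk.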
......
......@@ -3,6 +3,10 @@
* Public API
*/
class PagePermissions {
/**
* The name of the custom field stored in a post/page
* @type String
*/
const META = 'accessible_to_roles';
const OPT = '';
......@@ -12,10 +16,26 @@ class PagePermissions {
const ELE_CUST_AUTH = 'message_cust_auth';
const ELE_DENIED = 'message_cust_denied';
/**
* Lookup value for ELE_SEL for all users
* @type Integer
*/
const OPT_ALL = 0;
/**
* Lookup value for ELE_SEL for login required
* @type Integer
*/
const OPT_AUTH = 1;
/**
* Lookup value for ELE_SEL for custom roles
* @type Integer
*/
const OPT_CUST = 2;
/**
* WP current user data
* @type Array
*/
private static $current_user = false;
public static function init() {
......@@ -26,9 +46,16 @@ class PagePermissions {
self::$current_user = _get_current_user();
}
public static function initAjax() {
$selected = unserialize($_POST['string_value']);
include(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'views' . DIRECTORY_SEPARATOR . 'form.php');
}
/**
* The key function in all of this; called by the Theme,
* this determines if the user is able to view the page.
* @param {Integer} $post_id
* @returns Boolean
* @returns {Boolean|String} true if user can view, error message if not
* @throw InvalidArgumentException
*/
public static function current_user_can_view($post_id = false) {
......@@ -42,7 +69,7 @@ class PagePermissions {
$post_id = $post->ID;
}
// Meta value hasn't been set, assume public page (maybe should go off WP_Option default instead though...
// Meta value hasn't been set, getting settings defaults
if ('' === $data = get_custom_data(self::META, $post_id)) {
$data = Array(self::ELE_SEL => $settings[self::ELE_SEL], self::ELE_CUST => $settings[self::ELE_CUST]);
}
......@@ -52,28 +79,34 @@ class PagePermissions {
return true;
}
// Login required and user is logged in
// Login required
if ($data[self::ELE_SEL] == self::OPT_AUTH) {
// User is logged in
if (is_user_logged_in()) {
return true;
}
// Not logged in; return "login required" message
return $settings[self::ELE_AUTH];
}
// Specific role required and user meets it
// Specific role required
if ($data[self::ELE_SEL] == self::OPT_CUST) {
// User isn't even logged in; send message
if (!is_user_logged_in()) {
return $settings[self::ELE_CUST_AUTH];
}
// User meets role required
if (isset($data[self::ELE_CUST][self::get_user_role()])) {
return true;
}
// User is logged in, but doesn't have sufficient privileges, return message
return $settings[self::ELE_DENIED];
}
// This shouldn't happend; but just in case
return 'An unknown permission error has occurred';
}
......@@ -99,10 +132,19 @@ class PagePermissions {
return $user_role;
}
/**
* Determine if a user is a site administrator
* @param {Integer|String} $user Username or ID of user to lookup (or false for current user)
* @returns {Boolean}
*/
public static function is_admin($user = false) {
return (self::get_user_role($user) == 'administrator' ? true : false);
}
/**
* Get a lookup of all the forum elements
* @returns {Array} An associative array of the forum elemnts name/values
*/
public static function getFieldNames() {
static $fields = false;
if (false !== $fields) {
......@@ -122,6 +164,9 @@ class PagePermissions {
}
}
/**
* Aministration control
*/
class PagePermissionsAdmin {
const CAPABILITY = 'manage_page_permissions';
const ADMIN_PAGE = 'page-permission-settings';
......@@ -140,6 +185,8 @@ class PagePermissionsAdmin {
$role = get_role('administrator');
$role->add_cap(self::CAPABILITY);
add_filters('PagePermissionsAdmin_Filters');
if (isset($_POST[self::SUBMIT_HOOK]) && current_user_can(self::CAPABILITY)) {
self::submit();
}
......@@ -156,6 +203,7 @@ class PagePermissionsAdmin {
public static function viewMetaBox($post, $box_info) {
$selected = ($post->ID == 0 ? self::getOptions() : get_custom_data(PagePermissions::META, $post->ID));
// If the post doesn't have the field saved get defaults
if (empty($selected)) {
$selected = self::getOptions();
}
......@@ -163,15 +211,27 @@ class PagePermissionsAdmin {
include(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'views' . DIRECTORY_SEPARATOR . 'form.php');
}
/**
* Handles saving data when a post/page is saved
*/
public static function submit() {
unset($_POST[self::SUBMIT_HOOK]);
$options = self::getOptions();
$fields = PagePermissions::getFieldNames();
$fields = PagePermissions::getFieldNames();
foreach ($fields as $field) {
if (isset($_POST[$field])) {
// not sure if stripslashes should go here or in WP_Options
$options[$field] = stripslashes($_POST[$field]);
// This should probably be done via a recursive fn call or array_walk or something
if (is_array($_POST[$field])) {
$options[$field] = Array();
foreach ($_POST[$field] as $key => $val) {
$options[$field][$key] = stripslashes($_POST[$field]);
}
} else {
// not sure if stripslashes should go here or in WP_Options
$options[$field] = stripslashes($_POST[$field]);
}
} else {
$options[$field] = '';
}
......@@ -180,7 +240,7 @@ class PagePermissionsAdmin {
$options->save();
}
private static function getOptions() {
public static function getOptions() {
static $options = false;
if (false !== $options) {
return $options;
......@@ -191,7 +251,19 @@ class PagePermissionsAdmin {
}
}
/**
* Each method is a handler for it's WordPress `add_action` namesake
*/
class PagePermissions_Actions {
public static function init() {
register_taxonomy(PagePermissions::META, 'attachment', Array('hierarachical' => false, 'label' => 'Page Permissions', 'query_var' => false));
$file = $_SERVER['REQUEST_URI'];
if ($file == '/wp-admin/media-new.php' && !PagePermissions::is_admin()) {
header("Location: " . $file . "?flash=0");
}
}
public static function admin_menu() {
if (current_user_can(ClientSettings::CAPABILITY)) {
add_submenu_page(ClientSettings::ADMIN_PAGE, 'Permission Defaults', 'Permission Defaults', PagePermissionsAdmin::CAPABILITY, PagePermissionsAdmin::ADMIN_PAGE, Array('PagePermissionsAdmin', 'viewOptionsPage'));
......@@ -200,11 +272,36 @@ class PagePermissions_Actions {
}
public static function admin_print_scripts() {
$innerhtml = '';
if ('0' !== ($change_field = (isset($_GET['attachment_id']) ? 'attachments[' . $_GET['attachment_id'] . '][' . PagePermissions::META . ']' : '0'))) {
$selected = get_custom_data(PagePermissions::META, $_GET['attachment_id']);
if (empty($selected)) {
$selected = PagePermissionsAdmin::getOptions();
}
ob_start();
require(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'views' . DIRECTORY_SEPARATOR . 'form.php');
$innerhtml = ob_get_contents();
ob_end_clean();
}
_enqueue_script('page-permissions', plugins_url('PagePermissions.js', __FILE__));
_localize_script('page-permissions', 'TzPagePermissionsData', Array('trigger' => PagePermissions::ELE_SEL, 'focus' => PagePermissions::OPT_CUST));
_localize_script('page-permissions', 'TzPagePermissionsData', Array(
'trigger' => PagePermissions::ELE_SEL
, 'focus' => PagePermissions::OPT_CUST
, 'change_field' => $change_field
, 'innerHTML' => rawurlencode($innerhtml)
));
//attachments[304][accessible_to_roles]
//a:2:{s:14:"general_access";s:1:"1";s:5:"roles";a:1:{s:6:"editor";s:1:"1";}}
}
public static function save_post($post_id) {
if ($_POST['action'] == 'autosave') {
return;
}
if (false === ($real_id = _is_post_revision($post_id))) {
$real_id = $post_id;
}
......@@ -226,6 +323,24 @@ class PagePermissions_Actions {
}
}
PagePermissions::init();
PagePermissionsAdmin::make();
class PagePermissionsAdmin_Filters {
public static function image_upload_iframe_src($result) {
return $result . '&flash=0';
}
public static function video_upload_iframe_src($result) {
return $result . '&flash=0';
}
public static function audio_upload_iframe_src($result) {
return $result . '&flash=0';
}
}
if (isset($_POST['tz_pp_ajax'])) {
PagePermissions::initAjax();
} else {
PagePermissions::init();
PagePermissionsAdmin::make();
}
?>
\ No newline at end of file
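Review bot: `initAjax()` passes `$_POST['string_value']` straight to `unserialize()`, which is unsafe on request data because the sender decides which classes are instantiated (PHP object injection). The dispatch added at the bottom of the file, `if (isset($_POST['tz_pp_ajax']))`, runs at include time with no login, capability or nonce check visible in this diff, so the call appears reachable by any request that loads the plugin. Have the client send JSON and decode it with `$selected = json_decode(stripslashes($_POST['string_value']), true);`, rejecting anything that is not an array, and move the handler behind an authenticated hook such as a `wp_ajax_` action guarded by `check_ajax_referer()`. Separately, in the array branch of `submit()` the inner loop calls `stripslashes($_POST[$field])` on the whole array where `stripslashes($val)` is meant.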
......
......@@ -9,7 +9,7 @@
<select id="<?php echo PagePermissions::ELE_SEL; ?>" name="<?php echo PagePermissions::ELE_SEL; ?>">
<option value="<?php echo PagePermissions::OPT_ALL . '"' . (PagePermissions::OPT_ALL == $opt_selected ? ' selected' : ''); ?>>Anyone</option>
<option value="<?php echo PagePermissions::OPT_AUTH . '"' . (PagePermissions::OPT_AUTH == $opt_selected ? ' selected' : ''); ?>>Must be Logged In</option>
<option value="<?php echo PagePermissions::OPT_CUST . '"' . (PagePermissions::OPT_CUST == $opt_selected ? ' selected' : ''); ?>>Only Specific Users</option>
<option value="<?php echo PagePermissions::OPT_CUST . '"' . (PagePermissions::OPT_CUST == $opt_selected ? ' selected' : ''); ?>>Specific Roles</option>
</select>
<div id="TzSpecific">
......