Added mostly functioning taxanomy attachment handling for PagePermissions. refs #534

Chris Boden
Showing 3 changed files with 161 additions and 12 deletions
com/PagePermissions/PagePermissions.js
com/PagePermissions/PagePermissions.php
com/PagePermissions/views/form.php
--- a/com/PagePermissions/PagePermissions.js
View file @a659717
+++ b/com/PagePermissions/PagePermissions.js
View file @a659717
@@ -3,7 +3,37 @@ var TzPagePermissions = function() {
    var $select;
    var $roles;
+    var oHidden = false;
    var init = function($) {
+        if (TzPagePermissionsData.change_field != '0') {
+            var oChange    = document.getElementById(TzPagePermissionsData.change_field);
+            var sVal       = oChange.value;
+            var oContainer = oChange.parentNode;
+            oContainer.removeChild(oChange);
+            oContainer.innerHTML = decodeURIComponent(TzPagePermissionsData.innerHTML);
+            oHidden   = document.createElement('input');
+            oHidden.type  = 'hidden';
+            oHidden.value = sVal;
+            oHidden.id    = TzPagePermissionsData.change_field;
+            oHidden.name  = TzPagePermissionsData.change_field;
+            oContainer.appendChild(oHidden);
+            var $Sel = $('#' + TzPagePermissionsData.trigger);
+            $Sel.change(updateHidden);
+/*
+            var Els = document.getElementsByTagName('form')[0].elements;
+            for (var i = 0, iLen = Els.length; i < iLen; i++) {
+                if ($(Els[i]).parent(oContainer)) {
+//                    console.log(Els[i]);
+                }
+            }
+*/
+        }
        oSel = document.getElementById(TzPagePermissionsData.trigger);
        if (!oSel) {
            return;
@@ -15,6 +45,10 @@ var TzPagePermissions = function() {
        checkSetting();
    }
+    var updateHidden = function() {
+        oHidden.value = oSel.options[oSel.selectedIndex].value;
+    }
    var checkSetting = function() {
        var iVal = oSel.options[oSel.selectedIndex].value;
        if (iVal == TzPagePermissionsData.focus) {
--- a/com/PagePermissions/PagePermissions.php
View file @a659717
+++ b/com/PagePermissions/PagePermissions.php
View file @a659717
@@ -3,6 +3,10 @@
 * Public API
 */
 class PagePermissions {
+    /**
+     * The name of the custom field stored in a post/page
+     * @type String
+     */
    const META = 'accessible_to_roles';
    const OPT  = '';
@@ -12,10 +16,26 @@ class PagePermissions {
    const ELE_CUST_AUTH = 'message_cust_auth';
    const ELE_DENIED    = 'message_cust_denied';
+    /**
+     * Lookup value for ELE_SEL for all users
+     * @type Integer
+     */
    const OPT_ALL  = 0;
+    /**
+     * Lookup value for ELE_SEL for login required
+     * @type Integer
+     */
    const OPT_AUTH = 1;
+    /**
+     * Lookup value for ELE_SEL for custom roles
+     * @type Integer
+     */
    const OPT_CUST = 2;
+    /**
+     * WP current user data
+     * @type Array
+     */
    private static $current_user = false;
    public static function init() {
@@ -26,9 +46,16 @@ class PagePermissions {
        self::$current_user = _get_current_user();
    }
+    public static function initAjax() {
+        $selected = unserialize($_POST['string_value']);
+        include(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'views' . DIRECTORY_SEPARATOR . 'form.php');
+    }
    /**
+     * The key function in all of this; called by the Theme,
+     *  this determines if the user is able to view the page.
     * @param {Integer} $post_id
-     * @returns Boolean
+     * @returns {Boolean|String} true if user can view, error message if not
     * @throw InvalidArgumentException
     */
    public static function current_user_can_view($post_id = false) {
@@ -42,7 +69,7 @@ class PagePermissions {
            $post_id = $post->ID;
        }
-        // Meta value hasn't been set, assume public page (maybe should go off WP_Option default instead though...
+        // Meta value hasn't been set, getting settings defaults
        if ('' === $data = get_custom_data(self::META, $post_id)) {
            $data = Array(self::ELE_SEL => $settings[self::ELE_SEL], self::ELE_CUST => $settings[self::ELE_CUST]);
        }
@@ -52,28 +79,34 @@ class PagePermissions {
            return true;
        }
-        // Login required and user is logged in
+        // Login required
        if ($data[self::ELE_SEL] == self::OPT_AUTH) {
+            // User is logged in
            if (is_user_logged_in()) {
                return true;
            }
+            // Not logged in; return "login required" message
            return $settings[self::ELE_AUTH];
        }
-        // Specific role required and user meets it
+        // Specific role required
        if ($data[self::ELE_SEL] == self::OPT_CUST) {
+            // User isn't even logged in; send message
            if (!is_user_logged_in()) {
                return $settings[self::ELE_CUST_AUTH];
            }
+            // User meets role required
            if (isset($data[self::ELE_CUST][self::get_user_role()])) {
                return true;
            }
+            // User is logged in, but doesn't have sufficient privileges, return message
            return $settings[self::ELE_DENIED];
        }
+        // This shouldn't happend; but just in case
        return 'An unknown permission error has occurred';
    }
@@ -99,10 +132,19 @@ class PagePermissions {
        return $user_role;
    }
+    /**
+     * Determine if a user is a site administrator
+     * @param {Integer|String} $user Username or ID of user to lookup (or false for current user)
+     * @returns {Boolean}
+     */
    public static function is_admin($user = false) {
        return (self::get_user_role($user) == 'administrator' ? true : false);
    }
+    /**
+     * Get a lookup of all the forum elements
+     * @returns {Array} An associative array of the forum elemnts name/values
+     */
    public static function getFieldNames() {
        static $fields = false;
        if (false !== $fields) {
@@ -122,6 +164,9 @@ class PagePermissions {
    }
 }
+/**
+ * Aministration control
+ */
 class PagePermissionsAdmin {
    const CAPABILITY  = 'manage_page_permissions';
    const ADMIN_PAGE  = 'page-permission-settings';
@@ -140,6 +185,8 @@ class PagePermissionsAdmin {
        $role = get_role('administrator');
        $role->add_cap(self::CAPABILITY);
+        add_filters('PagePermissionsAdmin_Filters');
        if (isset($_POST[self::SUBMIT_HOOK]) && current_user_can(self::CAPABILITY)) {
            self::submit();
        }
@@ -156,6 +203,7 @@ class PagePermissionsAdmin {
    public static function viewMetaBox($post, $box_info) {
        $selected = ($post->ID == 0 ? self::getOptions() : get_custom_data(PagePermissions::META, $post->ID));
+        // If the post doesn't have the field saved get defaults
        if (empty($selected)) {
            $selected = self::getOptions();
        }
@@ -163,15 +211,27 @@ class PagePermissionsAdmin {
        include(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'views' . DIRECTORY_SEPARATOR . 'form.php');
    }
+    /**
+     * Handles saving data when a post/page is saved
+     */
    public static function submit() {
        unset($_POST[self::SUBMIT_HOOK]);
        $options = self::getOptions();
-        $fields = PagePermissions::getFieldNames();
+        $fields  = PagePermissions::getFieldNames();
        foreach ($fields as $field) {
            if (isset($_POST[$field])) {
-                // not sure if stripslashes should go here or in WP_Options
-                $options[$field] = stripslashes($_POST[$field]);
+                // This should probably be done via a recursive fn call or array_walk or something
+                if (is_array($_POST[$field])) {
+                    $options[$field] = Array();
+                    foreach ($_POST[$field] as $key => $val) {
+                        $options[$field][$key] = stripslashes($_POST[$field]);
+                    }
+                } else {
+                    // not sure if stripslashes should go here or in WP_Options
+                    $options[$field] = stripslashes($_POST[$field]);
+                }
            } else {
                $options[$field] = '';
            }
@@ -180,7 +240,7 @@ class PagePermissionsAdmin {
        $options->save();
    }
-    private static function getOptions() {
+    public static function getOptions() {
        static $options = false;
        if (false !== $options) {
            return $options;
@@ -191,7 +251,19 @@ class PagePermissionsAdmin {
    }
 }
+/**
+ * Each method is a handler for it's WordPress `add_action` namesake
+ */
 class PagePermissions_Actions {
+    public static function init() {
+        register_taxonomy(PagePermissions::META, 'attachment', Array('hierarachical' => false, 'label' => 'Page Permissions', 'query_var' => false));
+        $file = $_SERVER['REQUEST_URI'];
+        if ($file == '/wp-admin/media-new.php' && !PagePermissions::is_admin()) {
+            header("Location: " . $file . "?flash=0");
+        }
+    }
    public static function admin_menu() {
        if (current_user_can(ClientSettings::CAPABILITY)) {
            add_submenu_page(ClientSettings::ADMIN_PAGE, 'Permission Defaults', 'Permission Defaults', PagePermissionsAdmin::CAPABILITY, PagePermissionsAdmin::ADMIN_PAGE, Array('PagePermissionsAdmin', 'viewOptionsPage'));
@@ -200,11 +272,36 @@ class PagePermissions_Actions {
    }
    public static function admin_print_scripts() {
+        $innerhtml = '';
+        if ('0' !== ($change_field = (isset($_GET['attachment_id']) ? 'attachments[' . $_GET['attachment_id'] . '][' . PagePermissions::META . ']' : '0'))) {
+            $selected = get_custom_data(PagePermissions::META, $_GET['attachment_id']);
+            if (empty($selected)) {
+                $selected = PagePermissionsAdmin::getOptions();
+            }
+            ob_start();
+            require(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'views' . DIRECTORY_SEPARATOR . 'form.php');
+            $innerhtml = ob_get_contents();
+            ob_end_clean();
+        }
        _enqueue_script('page-permissions', plugins_url('PagePermissions.js', __FILE__));
-        _localize_script('page-permissions', 'TzPagePermissionsData', Array('trigger' => PagePermissions::ELE_SEL, 'focus' => PagePermissions::OPT_CUST));
+        _localize_script('page-permissions', 'TzPagePermissionsData', Array(
+            'trigger'      => PagePermissions::ELE_SEL
+          , 'focus'        => PagePermissions::OPT_CUST
+          , 'change_field' => $change_field
+          , 'innerHTML'    => rawurlencode($innerhtml)
+        ));
+//attachments[304][accessible_to_roles]
+//a:2:{s:14:"general_access";s:1:"1";s:5:"roles";a:1:{s:6:"editor";s:1:"1";}}
    }
    public static function save_post($post_id) {
+        if ($_POST['action'] == 'autosave') {
+            return;
+        }
        if (false === ($real_id = _is_post_revision($post_id))) {
            $real_id = $post_id;
        }
@@ -226,6 +323,24 @@ class PagePermissions_Actions {
    }
 }
-    PagePermissions::init();
+class PagePermissionsAdmin_Filters {
-    PagePermissionsAdmin::make();
+    public static function image_upload_iframe_src($result) {
+        return $result . '&flash=0';
+    }
+    public static function video_upload_iframe_src($result) {
+        return $result . '&flash=0';
+    }
+    public static function audio_upload_iframe_src($result) {
+        return $result . '&flash=0';
+    }
+}
+    if (isset($_POST['tz_pp_ajax'])) {
+        PagePermissions::initAjax();
+    } else {
+       PagePermissions::init();
+        PagePermissionsAdmin::make();
+    }
 ?>
\ No newline at end of file
--- a/com/PagePermissions/views/form.php
View file @a659717
+++ b/com/PagePermissions/views/form.php
View file @a659717
@@ -9,7 +9,7 @@
 <select id="<?php echo PagePermissions::ELE_SEL; ?>" name="<?php echo PagePermissions::ELE_SEL; ?>">
  <option value="<?php echo PagePermissions::OPT_ALL . '"' . (PagePermissions::OPT_ALL == $opt_selected ? ' selected' : ''); ?>>Anyone</option>
  <option value="<?php echo PagePermissions::OPT_AUTH . '"' . (PagePermissions::OPT_AUTH == $opt_selected ? ' selected' : ''); ?>>Must be Logged In</option>
-  <option value="<?php echo PagePermissions::OPT_CUST . '"' . (PagePermissions::OPT_CUST == $opt_selected ? ' selected' : ''); ?>>Only Specific Users</option>
+  <option value="<?php echo PagePermissions::OPT_CUST . '"' . (PagePermissions::OPT_CUST == $opt_selected ? ' selected' : ''); ?>>Specific Roles</option>
 </select>
 <div id="TzSpecific">