  1. <?php
  2.  
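  /**
   * Keeps users who do not hold a protected role from assigning that role or
   * from editing, removing, promoting or deleting a user who holds it.
   *
   * The class hooks the 'editable_roles' and 'map_meta_cap' filters in its
   * constructor; both callbacks read the same $protectedRoles list.
   */
  class JPB_User_Caps {

      /**
       * Slugs of all protected roles.
       *
       * Treated as read-only after construction. Both filter callbacks rely on
       * it, so dropping an entry at runtime would silently switch off the
       * map_meta_cap() checks for that role for the rest of the request.
       *
       * @var array
       */
      protected $protectedRoles = array(
          'webmaster',
      );

      /**
       * Add the filters for trimming the editable roles and for mapping meta caps.
       */
      public function __construct() {
          add_filter( 'editable_roles', array( $this, 'editable_roles' ), 20 );
          add_filter( 'map_meta_cap', array( $this, 'map_meta_cap' ), 10, 4 );
      }

      /**
       * Remove the protected roles from the list of editable roles unless the
       * current user holds one of them.
       *
       * Two defects of the earlier version are fixed here:
       *  - it computed whether the user held a protected role but never used the
       *    result, so protected roles were hidden from everybody;
       *  - it unset entries of $this->protectedRoles whenever a role was missing
       *    from $roles (for instance because an earlier filter had removed it),
       *    which also disabled the map_meta_cap() protection for that role.
       *
       * Holding any one protected role exposes all protected roles in the list.
       *
       * @param array $roles The editable roles, keyed by role slug.
       * @return array The filtered list of roles.
       */
      public function editable_roles( $roles ) {
          foreach ( $this->protectedRoles as $role ) {
              // A protected role that is not on offer in this list is skipped,
              // but it stays in $this->protectedRoles.
              if ( isset( $roles[ $role ] ) && current_user_can( $role ) ) {
                  return $roles;
              }
          }

          return array_diff_key( $roles, array_flip( $this->protectedRoles ) );
      }

      /**
       * Deny editing, removing, promoting or deleting a user in a protected role
       * when the acting user is not in a protected role.
       *
       * $args[0] is expected to be the ID of the user being acted on. The acting
       * user is $user_id, the user the capability check is made for, which is not
       * necessarily the logged-in user.
       *
       * @param array  $caps    The capabilities currently required for this action.
       * @param string $cap     The capability being checked.
       * @param int    $user_id The ID of the user whose capabilities are checked.
       * @param array  $args    Extra arguments; $args[0] is the target user ID.
       * @return array The capabilities required for this action, with
       *               'do_not_allow' appended when the action is refused.
       */
      public function map_meta_cap( $caps, $cap, $user_id, $args ) {
          switch ( $cap ) {
              case 'edit_user':
              case 'remove_user':
              case 'promote_user':
                  if ( ! isset( $args[0] ) ) {
                      // No target to inspect: refuse, and stop here instead of
                      // looking up a user from an undefined index.
                      $caps[] = 'do_not_allow';
                      break;
                  }
                  // Compare the same normalised ID that the lookup below uses.
                  if ( absint( $args[0] ) === (int) $user_id ) {
                      break;
                  }
                  if ( $this->target_is_protected_from( $args[0], $user_id ) ) {
                      $caps[] = 'do_not_allow';
                  }
                  break;

              case 'delete_user':
              case 'delete_users':
                  if ( ! isset( $args[0] ) ) {
                      break;
                  }
                  if ( $this->target_is_protected_from( $args[0], $user_id ) ) {
                      $caps[] = 'do_not_allow';
                  }
                  break;

              default:
                  break;
          }

          return $caps;
      }

      /**
       * Tell whether the target holds a protected role that the actor lacks.
       *
       * The actor is checked with user_can() against the given ID rather than
       * with current_user_can(), so a capability check made on behalf of another
       * user is not decided by the privileges of whoever is logged in.
       *
       * @param mixed $target_id ID of the user being acted on; passed through absint().
       * @param int   $actor_id  ID of the user whose capabilities are being checked.
       * @return bool True when the action must be refused.
       */
      private function target_is_protected_from( $target_id, $actor_id ) {
          $target          = new WP_User( absint( $target_id ) );
          $targetProtected = false;
          $actorProtected  = false;

          foreach ( $this->protectedRoles as $role ) {
              $targetProtected = $targetProtected || $target->has_cap( $role );
              $actorProtected  = $actorProtected || user_can( $actor_id, $role );
          }

          return $targetProtected && ! $actorProtected;
      }

  }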
  96.  
  // Instantiate once when this file loads: the constructor attaches both
  // filters, and no reference to the object is kept here.
  new JPB_User_Caps();