eventsmanager

Limit normal users to seeing their own CPTs in wp admin

Oct 3rd, 2013
188
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. /*
  3. Plugin Name: Admin for Authors
  4. Version: 0.2
  5. Plugin URI: http://wordpress.org/
  6. Description: Restrict users with limited publishing privelages to only see their own posts and other post types in the admin area
  7. Author: Marcus Sykes
  8. Author URI: http://msyk.es
  9. */
  10.  
  11. /*
  12. Copyright (c) 2013, Marcus Sykes
  13.  
  14. This program is free software; you can redistribute it and/or
  15. modify it under the terms of the GNU General Public License
  16. as published by the Free Software Foundation; either version 2
  17. of the License, or (at your option) any later version.
  18.  
  19. This program is distributed in the hope that it will be useful,
  20. but WITHOUT ANY WARRANTY; without even the implied warranty of
  21. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  22. GNU General Public License for more details.
  23.  
  24. You should have received a copy of the GNU General Public License
  25. along with this program; if not, write to the Free Software
  26. Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  27. */
  28.  
  29. class Admin_For_Authors {
  30.    
  31.     //these vars prevent need for rewriting lines of code copied from WP
  32.     var $sticky_posts_count = 0;
  33.     var $user_posts_count = 0;
  34.     var $screen;
  35.    
  36.     static function init(){
  37.         global $Admin_For_Authors;
  38.         $Admin_For_Authors = new Admin_For_Authors();
  39.         add_action('parse_query', 'Admin_For_Authors::parse_query');
  40.         $post_types = get_post_types();
  41.         foreach($post_types as $post_type ){
  42.             add_filter('views_edit-'.$post_type, array(&$Admin_For_Authors, 'get_views'));
  43.         }
  44.     }
  45.    
  46.     static function parse_query(){
  47.         global $wp_query;
  48.         if( !empty($wp_query->query_vars['post_type']) ){
  49.             $post_type_object = get_post_type_object($wp_query->query_vars['post_type']);
  50.             if ( !current_user_can( $post_type_object->cap->edit_others_posts ) ) {
  51.                 $wp_query->query_vars['author'] = get_current_user_id();
  52.             }
  53.         }
  54.     }
  55.    
  56.     static function wp_count_posts( $type = 'post', $perm = '' ) {
  57.         global $wpdb;
  58.    
  59.         $user = wp_get_current_user();
  60.    
  61.         $cache_key = $type.'_'.$user->ID;
  62.    
  63.         $query = "SELECT post_status, COUNT( * ) AS num_posts FROM {$wpdb->posts} WHERE post_type = %s";
  64.        
  65.         if( is_user_logged_in() )
  66.             $query .= " AND post_author = {$user->ID}";
  67.        
  68.         if ( 'readable' == $perm && is_user_logged_in() ) {
  69.             $post_type_object = get_post_type_object($type);
  70.             if ( !current_user_can( $post_type_object->cap->read_private_posts ) ) {
  71.                 $cache_key .= '_' . $perm . '_' . $user->ID;
  72.                 $query .= " AND (post_status != 'private' OR ( post_author = '$user->ID' AND post_status = 'private' ))";
  73.             }
  74.         }
  75.         $query .= ' GROUP BY post_status';
  76.    
  77.         $count = wp_cache_get($cache_key, 'counts');
  78.         if ( false !== $count )
  79.             return $count;
  80.    
  81.         $count = $wpdb->get_results( $wpdb->prepare( $query, $type ), ARRAY_A );
  82.    
  83.         $stats = array();
  84.         foreach ( get_post_stati() as $state )
  85.             $stats[$state] = 0;
  86.    
  87.         foreach ( (array) $count as $row )
  88.             $stats[$row['post_status']] = $row['num_posts'];
  89.    
  90.         $stats = (object) $stats;
  91.         wp_cache_set($cache_key, $stats, 'counts');
  92.    
  93.         return $stats;
  94.     }
  95.  
  96.     /**
  97.      * Almost-exact copy of WP_Posts_List_Table::get_views(), but makes subtle changes for $this references and calls internal Admin_For_Authors::wp_count_posts() function instead
  98.      * Changes highlighted with comments starting //EDIT
  99.      * @return array
  100.      */
  101.     function get_views() {
  102.         global $locked_post_status, $avail_post_stati;
  103.  
  104.         $this->screen = get_current_screen(); //EDIT - get $screen for use on $this->screen
  105.         $post_type = $this->screen->post_type;
  106.  
  107.         if ( !empty($locked_post_status) )
  108.             return array();
  109.  
  110.         $status_links = array();
  111.         $num_posts = self::wp_count_posts( $post_type, 'readable' );
  112.         $class = '';
  113.         $allposts = '';
  114.  
  115.         $current_user_id = get_current_user_id();
  116.  
  117.         if ( $this->user_posts_count ) {
  118.             if ( isset( $_GET['author'] ) && ( $_GET['author'] == $current_user_id ) )
  119.                 $class = ' class="current"';
  120.             $status_links['mine'] = "<a href='edit.php?post_type=$post_type&author=$current_user_id'$class>" . sprintf( _nx( 'Mine <span class="count">(%s)</span>', 'Mine <span class="count">(%s)</span>', $this->user_posts_count, 'posts' ), number_format_i18n( $this->user_posts_count ) ) . '</a>';
  121.             $allposts = '&all_posts=1';
  122.         }
  123.  
  124.         $total_posts = array_sum( (array) $num_posts );
  125.  
  126.         // Subtract post types that are not included in the admin all list.
  127.         foreach ( get_post_stati( array('show_in_admin_all_list' => false) ) as $state )
  128.             $total_posts -= $num_posts->$state;
  129.  
  130.         $class = empty( $class ) && empty( $_REQUEST['post_status'] ) && empty( $_REQUEST['show_sticky'] ) ? ' class="current"' : '';
  131.         $status_links['all'] = "<a href='edit.php?post_type=$post_type{$allposts}'$class>" . sprintf( _nx( 'All <span class="count">(%s)</span>', 'All <span class="count">(%s)</span>', $total_posts, 'posts' ), number_format_i18n( $total_posts ) ) . '</a>';
  132.  
  133.         foreach ( get_post_stati(array('show_in_admin_status_list' => true), 'objects') as $status ) {
  134.             $class = '';
  135.  
  136.             $status_name = $status->name;
  137.  
  138.             if ( !in_array( $status_name, $avail_post_stati ) )
  139.                 continue;
  140.  
  141.             if ( empty( $num_posts->$status_name ) )
  142.                 continue;
  143.  
  144.             if ( isset($_REQUEST['post_status']) && $status_name == $_REQUEST['post_status'] )
  145.                 $class = ' class="current"';
  146.  
  147.             $status_links[$status_name] = "<a href='edit.php?post_status=$status_name&amp;post_type=$post_type'$class>" . sprintf( translate_nooped_plural( $status->label_count, $num_posts->$status_name ), number_format_i18n( $num_posts->$status_name ) ) . '</a>';
  148.         }
  149.  
  150.         //EDIT - START this whole if statement gets sticky posts stat, copied from WP_Posts_List_Table::_construct() but there's maybe a better way for this
  151.         global $wpdb;
  152.         if ( 'post' == $post_type && $sticky_posts = get_option( 'sticky_posts' ) ) {
  153.             $sticky_posts = implode( ', ', array_map( 'absint', (array) $sticky_posts ) );
  154.             $this->sticky_posts_count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT( 1 ) FROM $wpdb->posts WHERE post_type = %s AND post_status != 'trash' AND ID IN ($sticky_posts)", $post_type ) );
  155.         }
  156.         //EDIT - END
  157.        
  158.         if ( ! empty( $this->sticky_posts_count ) ) {
  159.             $class = ! empty( $_REQUEST['show_sticky'] ) ? ' class="current"' : '';
  160.  
  161.             $sticky_link = array( 'sticky' => "<a href='edit.php?post_type=$post_type&amp;show_sticky=1'$class>" . sprintf( _nx( 'Sticky <span class="count">(%s)</span>', 'Sticky <span class="count">(%s)</span>', $this->sticky_posts_count, 'posts' ), number_format_i18n( $this->sticky_posts_count ) ) . '</a>' );
  162.  
  163.             // Sticky comes after Publish, or if not listed, after All.
  164.             $split = 1 + array_search( ( isset( $status_links['publish'] ) ? 'publish' : 'all' ), array_keys( $status_links ) );
  165.             $status_links = array_merge( array_slice( $status_links, 0, $split ), $sticky_link, array_slice( $status_links, $split ) );
  166.         }
  167.  
  168.         return $status_links;
  169.     }
  170. }
  171. add_action('admin_init','Admin_For_Authors::init');
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×