Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
bc77d7c0 | 4 | | Copyright CiviCRM LLC. All rights reserved. | |
6a488035 | 5 | | | |
bc77d7c0 TO |
6 | | This work is published under the GNU AGPLv3 license with some | |
7 | | permitted exceptions and without any warranty. For full license | | |
8 | | and copyright information, see https://civicrm.org/licensing | | |
6a488035 | 9 | +--------------------------------------------------------------------+ |
d25dd0ee | 10 | */ |
6a488035 TO |
11 | |
12 | /** | |
13 | * | |
14 | * @package CRM | |
ca5cec67 | 15 | * @copyright CiviCRM LLC https://civicrm.org/licensing |
6a488035 TO |
16 | */ |
17 | ||
18 | /** | |
19 | * | |
20 | */ | |
21 | class CRM_Core_Permission_WordPress extends CRM_Core_Permission_Base { | |
518fa0ee | 22 | |
6a488035 | 23 | /** |
100fef9d | 24 | * Given a permission string, check for access requirements |
6a488035 | 25 | * |
6a0b768e TO |
26 | * @param string $str |
27 | * The permission to check. | |
18be3201 | 28 | * @param int $userId |
6a488035 | 29 | * |
5c766a0b | 30 | * @return bool |
a6c01b45 | 31 | * true if yes, else false |
6a488035 | 32 | */ |
18be3201 | 33 | public function check($str, $userId = NULL) { |
cf39ce67 | 34 | // Generic cms 'administer users' role tranlates to users with the 'edit_users' capability' in WordPress |
be2fb01f | 35 | $str = $this->translatePermission($str, 'WordPress', [ |
20554149 | 36 | 'administer users' => 'edit_users', |
be2fb01f | 37 | ]); |
085823c1 TO |
38 | if ($str == CRM_Core_Permission::ALWAYS_DENY_PERMISSION) { |
39 | return FALSE; | |
40 | } | |
41 | if ($str == CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) { | |
42 | return TRUE; | |
43 | } | |
44 | ||
35da5d8d | 45 | // CRM-15629 |
26005452 | 46 | // During some extern/* calls we don't bootstrap CMS hence |
e401f13c | 47 | // below constants are not set. In such cases, we don't need to |
48 | // check permission, hence directly return TRUE | |
8b8897c8 | 49 | if (!defined('ABSPATH') || !defined('WPINC')) { |
35da5d8d KC |
50 | require_once 'CRM/Utils/System.php'; |
51 | CRM_Utils_System::loadBootStrap(); | |
52 | } | |
53 | ||
8518b09b TO |
54 | require_once ABSPATH . WPINC . '/pluggable.php'; |
55 | ||
6a488035 TO |
56 | // for administrators give them all permissions |
57 | if (!function_exists('current_user_can')) { | |
58 | return TRUE; | |
59 | } | |
60 | ||
18be3201 CW |
61 | $user = $userId ? get_userdata($userId) : wp_get_current_user(); |
62 | ||
63 | if ($user->has_cap('super admin') || $user->has_cap('administrator')) { | |
6a488035 TO |
64 | return TRUE; |
65 | } | |
66 | ||
67 | // Make string lowercase and convert spaces into underscore | |
629b3d4d | 68 | $str = CRM_Utils_String::munge(strtolower($str)); |
6a488035 | 69 | |
18be3201 | 70 | if ($user->exists()) { |
6a488035 | 71 | // Check whether the logged in user has the capabilitity |
18be3201 | 72 | if ($user->has_cap($str)) { |
6a488035 TO |
73 | return TRUE; |
74 | } | |
75 | } | |
76 | else { | |
77 | //check the capabilities of Anonymous user) | |
78 | $roleObj = new WP_Roles(); | |
79 | if ( | |
80 | $roleObj->get_role('anonymous_user') != NULL && | |
81 | array_key_exists($str, $roleObj->get_role('anonymous_user')->capabilities) | |
82 | ) { | |
83 | return TRUE; | |
84 | } | |
85 | } | |
86 | return FALSE; | |
87 | } | |
353ffa53 | 88 | |
73950aa0 | 89 | /** |
e7c15cb6 | 90 | * @inheritDoc |
73950aa0 | 91 | */ |
92 | public function isModulePermissionSupported() { | |
0d3d1f9d | 93 | return TRUE; |
73950aa0 | 94 | } |
0d3d1f9d | 95 | |
73950aa0 | 96 | /** |
e7c15cb6 | 97 | * @inheritDoc |
73950aa0 | 98 | */ |
00be9182 | 99 | public function upgradePermissions($permissions) { |
73950aa0 | 100 | } |
96025800 | 101 | |
6a488035 | 102 | } |