Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
fee14197 | 4 | | CiviCRM version 5 | |
6a488035 | 5 | +--------------------------------------------------------------------+ |
6b83d5bd | 6 | | Copyright CiviCRM LLC (c) 2004-2019 | |
6a488035 TO |
7 | +--------------------------------------------------------------------+ |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License and the CiviCRM Licensing Exception along | | |
21 | | with this program; if not, contact CiviCRM LLC | | |
22 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
23 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
25 | +--------------------------------------------------------------------+ | |
d25dd0ee | 26 | */ |
6a488035 TO |
27 | |
28 | /** | |
29 | * | |
30 | * @package CRM | |
6b83d5bd | 31 | * @copyright CiviCRM LLC (c) 2004-2019 |
6a488035 TO |
32 | * $Id$ |
33 | * | |
34 | */ | |
35 | ||
36 | /** | |
37 | * | |
38 | */ | |
39 | class CRM_Core_Permission_WordPress extends CRM_Core_Permission_Base { | |
518fa0ee | 40 | |
6a488035 | 41 | /** |
100fef9d | 42 | * Given a permission string, check for access requirements |
6a488035 | 43 | * |
6a0b768e TO |
44 | * @param string $str |
45 | * The permission to check. | |
18be3201 | 46 | * @param int $userId |
6a488035 | 47 | * |
5c766a0b | 48 | * @return bool |
a6c01b45 | 49 | * true if yes, else false |
6a488035 | 50 | */ |
18be3201 | 51 | public function check($str, $userId = NULL) { |
cf39ce67 | 52 | // Generic cms 'administer users' role tranlates to users with the 'edit_users' capability' in WordPress |
be2fb01f | 53 | $str = $this->translatePermission($str, 'WordPress', [ |
20554149 | 54 | 'administer users' => 'edit_users', |
be2fb01f | 55 | ]); |
085823c1 TO |
56 | if ($str == CRM_Core_Permission::ALWAYS_DENY_PERMISSION) { |
57 | return FALSE; | |
58 | } | |
59 | if ($str == CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) { | |
60 | return TRUE; | |
61 | } | |
62 | ||
35da5d8d | 63 | // CRM-15629 |
26005452 | 64 | // During some extern/* calls we don't bootstrap CMS hence |
e401f13c | 65 | // below constants are not set. In such cases, we don't need to |
66 | // check permission, hence directly return TRUE | |
8b8897c8 | 67 | if (!defined('ABSPATH') || !defined('WPINC')) { |
35da5d8d KC |
68 | require_once 'CRM/Utils/System.php'; |
69 | CRM_Utils_System::loadBootStrap(); | |
70 | } | |
71 | ||
8518b09b TO |
72 | require_once ABSPATH . WPINC . '/pluggable.php'; |
73 | ||
6a488035 TO |
74 | // for administrators give them all permissions |
75 | if (!function_exists('current_user_can')) { | |
76 | return TRUE; | |
77 | } | |
78 | ||
18be3201 CW |
79 | $user = $userId ? get_userdata($userId) : wp_get_current_user(); |
80 | ||
81 | if ($user->has_cap('super admin') || $user->has_cap('administrator')) { | |
6a488035 TO |
82 | return TRUE; |
83 | } | |
84 | ||
85 | // Make string lowercase and convert spaces into underscore | |
629b3d4d | 86 | $str = CRM_Utils_String::munge(strtolower($str)); |
6a488035 | 87 | |
18be3201 | 88 | if ($user->exists()) { |
6a488035 | 89 | // Check whether the logged in user has the capabilitity |
18be3201 | 90 | if ($user->has_cap($str)) { |
6a488035 TO |
91 | return TRUE; |
92 | } | |
93 | } | |
94 | else { | |
95 | //check the capabilities of Anonymous user) | |
96 | $roleObj = new WP_Roles(); | |
97 | if ( | |
98 | $roleObj->get_role('anonymous_user') != NULL && | |
99 | array_key_exists($str, $roleObj->get_role('anonymous_user')->capabilities) | |
100 | ) { | |
101 | return TRUE; | |
102 | } | |
103 | } | |
104 | return FALSE; | |
105 | } | |
353ffa53 | 106 | |
73950aa0 | 107 | /** |
e7c15cb6 | 108 | * @inheritDoc |
73950aa0 | 109 | */ |
110 | public function isModulePermissionSupported() { | |
0d3d1f9d | 111 | return TRUE; |
73950aa0 | 112 | } |
0d3d1f9d | 113 | |
73950aa0 | 114 | /** |
e7c15cb6 | 115 | * @inheritDoc |
73950aa0 | 116 | */ |
00be9182 | 117 | public function upgradePermissions($permissions) { |
73950aa0 | 118 | } |
96025800 | 119 | |
6a488035 | 120 | } |