| 1 | <?php |
| 2 | /* |
| 3 | +--------------------------------------------------------------------+ |
| 4 | | CiviCRM version 4.6 | |
| 5 | +--------------------------------------------------------------------+ |
| 6 | | Copyright CiviCRM LLC (c) 2004-2014 | |
| 7 | +--------------------------------------------------------------------+ |
| 8 | | This file is a part of CiviCRM. | |
| 9 | | | |
| 10 | | CiviCRM is free software; you can copy, modify, and distribute it | |
| 11 | | under the terms of the GNU Affero General Public License | |
| 12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | |
| 13 | | | |
| 14 | | CiviCRM is distributed in the hope that it will be useful, but | |
| 15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | |
| 17 | | See the GNU Affero General Public License for more details. | |
| 18 | | | |
| 19 | | You should have received a copy of the GNU Affero General Public | |
| 20 | | License and the CiviCRM Licensing Exception along | |
| 21 | | with this program; if not, contact CiviCRM LLC | |
| 22 | | at info[AT]civicrm[DOT]org. If you have questions about the | |
| 23 | | GNU Affero General Public License or the licensing of CiviCRM, | |
| 24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | |
| 25 | +--------------------------------------------------------------------+ |
| 26 | */ |
| 27 | |
| 28 | /** |
| 29 | * |
| 30 | * @package CRM |
| 31 | * @copyright CiviCRM LLC (c) 2004-2014 |
| 32 | * $Id$ |
| 33 | * |
| 34 | */ |
| 35 | |
| 36 | /** |
| 37 | * |
| 38 | */ |
| 39 | class CRM_Core_Permission_WordPress extends CRM_Core_Permission_Base { |
| 40 | /** |
| 41 | * Given a permission string, check for access requirements |
| 42 | * |
| 43 | * @param string $str |
| 44 | * The permission to check. |
| 45 | * |
| 46 | * @return boolean |
| 47 | * true if yes, else false |
| 48 | */ |
| 49 | public function check($str) { |
| 50 | // Generic cms 'administer users' role tranlates to 'administrator' WordPress role |
| 51 | $str = $this->translatePermission($str, 'WordPress', array( |
| 52 | 'administer users' => 'administrator', |
| 53 | )); |
| 54 | if ($str == CRM_Core_Permission::ALWAYS_DENY_PERMISSION) { |
| 55 | return FALSE; |
| 56 | } |
| 57 | if ($str == CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) { |
| 58 | return TRUE; |
| 59 | } |
| 60 | |
| 61 | require_once ABSPATH . WPINC . '/pluggable.php'; |
| 62 | |
| 63 | // for administrators give them all permissions |
| 64 | if (!function_exists('current_user_can')) { |
| 65 | return TRUE; |
| 66 | } |
| 67 | |
| 68 | if (current_user_can('super admin') || current_user_can('administrator')) { |
| 69 | return TRUE; |
| 70 | } |
| 71 | |
| 72 | // Make string lowercase and convert spaces into underscore |
| 73 | $str = CRM_Utils_String::munge(strtolower($str)); |
| 74 | |
| 75 | if (is_user_logged_in()) { |
| 76 | // Check whether the logged in user has the capabilitity |
| 77 | if (current_user_can($str)) { |
| 78 | return TRUE; |
| 79 | } |
| 80 | } |
| 81 | else { |
| 82 | //check the capabilities of Anonymous user) |
| 83 | $roleObj = new WP_Roles(); |
| 84 | if ( |
| 85 | $roleObj->get_role('anonymous_user') != NULL && |
| 86 | array_key_exists($str, $roleObj->get_role('anonymous_user')->capabilities) |
| 87 | ) { |
| 88 | return TRUE; |
| 89 | } |
| 90 | } |
| 91 | return FALSE; |
| 92 | } |
| 93 | |
| 94 | /** |
| 95 | * @inheritDoc |
| 96 | */ |
| 97 | public function isModulePermissionSupported() { |
| 98 | return TRUE; |
| 99 | } |
| 100 | |
| 101 | /** |
| 102 | * @inheritDoc |
| 103 | */ |
| 104 | public function upgradePermissions($permissions) { |
| 105 | return; |
| 106 | } |
| 107 | |
| 108 | } |