projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update spelling of htmlpurifier to be correct spelling
[civicrm-core.git] / CRM / Core / Permission / WordPress.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 5 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2019 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
28 /**
29 *
30 * @package CRM
31 * @copyright CiviCRM LLC (c) 2004-2019
32 * $Id$
33 *
34 */
35
36 /**
37 *
38 */
39 class CRM_Core_Permission_WordPress extends CRM_Core_Permission_Base {
40
41 /**
42 * Given a permission string, check for access requirements
43 *
44 * @param string $str
45 * The permission to check.
46 * @param int $userId
47 *
48 * @return bool
49 * true if yes, else false
50 */
51 public function check($str, $userId = NULL) {
52 // Generic cms 'administer users' role tranlates to users with the 'edit_users' capability' in WordPress
53 $str = $this->translatePermission($str, 'WordPress', [
54 'administer users' => 'edit_users',
55 ]);
56 if ($str == CRM_Core_Permission::ALWAYS_DENY_PERMISSION) {
57 return FALSE;
58 }
59 if ($str == CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) {
60 return TRUE;
61 }
62
63 // CRM-15629
64 // During some extern/* calls we don't bootstrap CMS hence
65 // below constants are not set. In such cases, we don't need to
66 // check permission, hence directly return TRUE
67 if (!defined('ABSPATH') || !defined('WPINC')) {
68 require_once 'CRM/Utils/System.php';
69 CRM_Utils_System::loadBootStrap();
70 }
71
72 require_once ABSPATH . WPINC . '/pluggable.php';
73
74 // for administrators give them all permissions
75 if (!function_exists('current_user_can')) {
76 return TRUE;
77 }
78
79 $user = $userId ? get_userdata($userId) : wp_get_current_user();
80
81 if ($user->has_cap('super admin') || $user->has_cap('administrator')) {
82 return TRUE;
83 }
84
85 // Make string lowercase and convert spaces into underscore
86 $str = CRM_Utils_String::munge(strtolower($str));
87
88 if ($user->exists()) {
89 // Check whether the logged in user has the capabilitity
90 if ($user->has_cap($str)) {
91 return TRUE;
92 }
93 }
94 else {
95 //check the capabilities of Anonymous user)
96 $roleObj = new WP_Roles();
97 if (
98 $roleObj->get_role('anonymous_user') != NULL &&
99 array_key_exists($str, $roleObj->get_role('anonymous_user')->capabilities)
100 ) {
101 return TRUE;
102 }
103 }
104 return FALSE;
105 }
106
107 /**
108 * @inheritDoc
109 */
110 public function isModulePermissionSupported() {
111 return TRUE;
112 }
113
114 /**
115 * @inheritDoc
116 */
117 public function upgradePermissions($permissions) {
118 }
119
120 }