X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FCore%2FPermission%2FWordPress.php;h=dfcc6c34a3f2bba7704feabf2365c6c1b3184b45;hb=94a0a5499ab27f49326e184a1a74438adea2442c;hp=9b7f8c9a5be3bfee7c094cd980dd4342f60818f7;hpb=4a857b55aa93910463dad24efcdf76035b50a517;p=civicrm-core.git

diff --git a/CRM/Core/Permission/WordPress.php b/CRM/Core/Permission/WordPress.php
index 9b7f8c9a5b..dfcc6c34a3 100644
--- a/CRM/Core/Permission/WordPress.php
+++ b/CRM/Core/Permission/WordPress.php
@@ -60,14 +60,14 @@ class CRM_Core_Permission_WordPress extends CRM_Core_Permission_Base {
 
     $user = $userId ? get_userdata($userId) : wp_get_current_user();
 
-    if ($user->has_cap('super admin') || $user->has_cap('administrator')) {
+    if ($userId !== 0 && ($user->has_cap('super admin') || $user->has_cap('administrator'))) {
       return TRUE;
     }
 
     // Make string lowercase and convert spaces into underscore
     $str = CRM_Utils_String::munge(strtolower($str));
 
-    if ($user->exists()) {
+    if ($userId !== 0 && $user->exists()) {
       // Check whether the logged in user has the capabilitity
       if ($user->has_cap($str)) {
         return TRUE;
@@ -76,16 +76,44 @@ class CRM_Core_Permission_WordPress extends CRM_Core_Permission_Base {
     else {
       //check the capabilities of Anonymous user)
       $roleObj = new WP_Roles();
-      if (
-        $roleObj->get_role('anonymous_user') != NULL &&
-        array_key_exists($str, $roleObj->get_role('anonymous_user')->capabilities)
-      ) {
+      $anonObj = $roleObj->get_role('anonymous_user');
+      if (!empty($anonObj->capabilities) && array_key_exists($str, $anonObj->capabilities)) {
         return TRUE;
       }
     }
     return FALSE;
   }
 
+  /**
+   * @inheritDoc
+   */
+  public function getAvailablePermissions() {
+    // We want to list *only* WordPress perms, so we'll *skip* Civi perms.
+    $mungedCorePerms = array_map(
+      function($str) {
+        return CRM_Utils_String::munge(strtolower($str));
+      },
+      array_keys(\CRM_Core_Permission::basicPermissions(TRUE))
+    );
+
+    // WP doesn't have an API to list all capabilities. However, we can discover a
+    // pretty good list by inspecting the (super)admin roles.
+    $wpCaps = [];
+    foreach (wp_roles()->roles as $wpRole) {
+      $wpCaps = array_unique(array_merge(array_keys($wpRole['capabilities']), $wpCaps));
+    }
+
+    $permissions = [];
+    foreach ($wpCaps as $wpCap) {
+      if (!in_array($wpCap, $mungedCorePerms)) {
+        $permissions["WordPress:$wpCap"] = [
+          'title' => "WordPress: $wpCap",
+        ];
+      }
+    }
+    return $permissions;
+  }
+
   /**
    * @inheritDoc
    */