From 82a6f9592b95ec2bb2fd90ea33f3c189114930ee Mon Sep 17 00:00:00 2001
From: Allan Chappell
Date: Mon, 28 Apr 2014 15:20:26 -0700
Subject: [PATCH] CRM-14171: Fixing WordPress ACL page to warn the admin about dangerous permissions.

----------------------------------------
* CRM-14171: Give configuration warning if Anonymous role is granted inappropriate permissions
 https://issues.civicrm.org/jira/browse/CRM-14171
---
 CRM/ACL/Form/WordPress/Permissions.php | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/CRM/ACL/Form/WordPress/Permissions.php b/CRM/ACL/Form/WordPress/Permissions.php
index 47d3d79da2..51f4393fac 100644
--- a/CRM/ACL/Form/WordPress/Permissions.php
+++ b/CRM/ACL/Form/WordPress/Permissions.php
@@ -129,6 +129,25 @@ class CRM_ACL_Form_WordPress_Permissions extends CRM_Core_Form {
 $roleObj->add_cap($key);
 }
 }
+
+ if ($role == 'anonymous_user') {
+ // Get the permissions into a format that matches what we get from WP
+ $allWarningPermissions = CRM_Core_Permission::getAnonymousPermissionsWarnings();
+ foreach ($allWarningPermissions as $key => $permission) {
+ $allWarningPermissions[$key] = CRM_utils_String::munge(strtolower($permission));
+ }
+ $warningPermissions = array_intersect($allWarningPermissions, array_keys($rolePermissions));
+ $warningPermissionNames = array();
+ foreach ($warningPermissions as $permission) {
+ $warningPermissionNames[$permission] = $permissionsArray[$permission];
+ }
+ if (!empty($warningPermissionNames)) {
+ CRM_Core_Session::setStatus(
+ ts('The %1 role was assigned one or more permission that may prove dangerous for users of that role to have. Please reconsider assigning %2 to them.', array( 1 => $wp_roles->role_names[$role], 2 => implode(', ', $warningPermissionNames))),
+ ts('Unsafe Permission Settings')
+ );
+ }
+ }
 }
 
 // FIXME
@@ -170,4 +189,3 @@ class CRM_ACL_Form_WordPress_Permissions extends CRM_Core_Form {
 return $perms_array;
 }
 }
-
-- 
2.25.1
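Review bot: The added anonymous-role block calls `CRM_utils_String::munge(...)` with a lower-case `utils`, while the helper class is spelled `CRM_Utils_String`. PHP matches class names case-insensitively once a class is loaded, but a path-based autoloader on a case-sensitive filesystem may fail to find the file if it is not loaded yet, which would turn this safety check into a fatal error; write `CRM_Utils_String::munge(strtolower($permission))`. The check also fails open: it only warns when the munged names from `getAnonymousPermissionsWarnings()` exactly match the keys of `$rolePermissions`, so a naming mismatch yields no warning at all, and it runs after `add_cap()` has already granted the capabilities. The lookup `$permissionsArray[$permission]` is unguarded, so a key missing there raises a notice and puts an empty label in the message; `$permissionsArray[$permission] ?? $permission` would keep the warning readable. The enclosing method starts outside the hunk, so how `$rolePermissions` and `$permissionsArray` are built cannot be confirmed from here.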