[Summary view] [Print] [Text view]

   1  <?php
   2  /**
   3   * Things: GP_Permission class
   4   *
   5   * @package GlotPress
   6   * @subpackage Things
   7   * @since 1.0.0
   8   */
   9  
  10  /**
  11   * Core class used to implement the permissions.
  12   *
  13   * @since 1.0.0
  14   */
  15  class GP_Permission extends GP_Thing {
  16  
  17      var $table_basename           = 'gp_permissions';
  18      var $field_names              = array( 'id', 'user_id', 'action', 'object_type', 'object_id' );
  19      var $int_fields               = array( 'id', 'user_id' );
  20      var $non_updatable_attributes = array( 'id' );
  21  
  22      public $id;
  23      public $user_id;
  24      public $action;
  25      public $object_type;
  26      public $object_id;
  27  
  28      /**
  29       * Normalizes an array with key-value pairs representing
  30       * a GP_Permission object.
  31       *
  32       * @since 1.0.0
  33       *
  34       * @param array $args Arguments for a GP_Permission object.
  35       * @return array Normalized arguments for a GP_Permission object.
  36       */
  37  	public function normalize_fields( $args ) {
  38          $args = parent::normalize_fields( $args );
  39  
  40          foreach ( $this->field_names as $field_name ) {
  41              if ( isset( $args[ $field_name ] ) ) {
  42                  $args[ $field_name ] = $this->force_false_to_null( $args[ $field_name ] );
  43              }
  44          }
  45  
  46          return $args;
  47      }
  48  
  49      /**
  50       * Determines whether the current user can do $action on the instance of $object_type with id $object_id.
  51       *
  52       * Example: GP::$permission->current_user_can( 'read', 'translation-set', 11 );
  53       *
  54       * @param string $action
  55       * @param string $object_type
  56       * @param int    $object_id
  57       * @param mixed  $extra
  58       */
  59  	public function current_user_can( $action, $object_type = null, $object_id = null, $extra = null ) {
  60          $user = wp_get_current_user();
  61  
  62          return $this->user_can( $user, $action, $object_type, $object_id, $extra );
  63      }
  64  
  65      /**
  66       * Determines whether the user can do $action on the instance of $object_type with id $object_id.
  67       *
  68       * Example: GP::$permission->user_can( $user, 'read', 'translation-set', 11 );
  69       *
  70       * @param int|object $user
  71       * @param string     $action
  72       * @param string     $object_type
  73       * @param int        $object_id
  74       * @param mixed      $extra
  75       */
  76  	public function user_can( $user, $action, $object_type = null, $object_id = null, $extra = null ) {
  77          if ( ! is_object( $user ) ) {
  78              $user = get_userdata( $user );
  79          }
  80  
  81          $user_id = null;
  82          if ( $user && $user->exists() ) {
  83              $user_id = $user->ID;
  84          }
  85  
  86          $args                 = $filter_args = compact( 'user_id', 'action', 'object_type', 'object_id' );
  87          $filter_args['user']  = $user;
  88          $filter_args['extra'] = $extra;
  89  
  90          /**
  91           * Filter whether a user can do an action.
  92           *
  93           * Return boolean to skip doing a verdict.
  94           *
  95           * @since 1.0.0
  96           *
  97           * @param string|bool $verdict Whether user can do an action.
  98           * @param array $args {
  99           *     Arguments of the permission check.
 100           *
 101           *     @type int     $user_id     The user being evaluated.
 102           *     @type string  $action      Action to be executed.
 103           *     @type string  $object_type Object type to execute against.
 104           *     @type string  $object_id   Object ID to execute against.
 105           *     @type WP_User $user        The user being evaluated.
 106           *     @type mixed   $extra       Extra information given to the permission check.
 107           * }
 108           */
 109          $preliminary = apply_filters( 'gp_pre_can_user', 'no-verdict', $filter_args );
 110          if ( is_bool( $preliminary ) ) {
 111              return $preliminary;
 112          }
 113  
 114          $verdict =
 115              $this->find_one(
 116                  array(
 117                      'action'  => 'admin',
 118                      'user_id' => $user_id,
 119                  )
 120              ) ||
 121              $this->find_one( $args ) ||
 122              $this->find_one( array_merge( $args, array( 'object_id' => null ) ) );
 123  
 124          /**
 125           * Filter whether an user can do an action.
 126           *
 127           * @since 1.0.0
 128           *
 129           * @param bool $verdict Whether user can do an action.
 130           * @param array $args {
 131           *     Arguments of the permission check.
 132           *
 133           *     @type int     $user_id     The user being evaluated.
 134           *     @type string  $action      Action to be executed.
 135           *     @type string  $object_type Object type to execute against.
 136           *     @type string  $object_id   Object ID to execute against.
 137           *     @type WP_User $user        The user being evaluated.
 138           *     @type mixed   $extra       Extra information given to the permission check.
 139           * }
 140           */
 141          return apply_filters( 'gp_can_user', $verdict, $filter_args );
 142      }
 143  }
 144  GP::$permission = new GP_Permission();