You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 

289 lines
6.4 KiB

  1. <?php
  2. /**
  3. * User API: WP_Roles class
  4. *
  5. * @package WordPress
  6. * @subpackage Users
  7. * @since 4.4.0
  8. */
  9. /**
  10. * Core class used to implement a user roles API.
  11. *
  12. * The role option is simple, the structure is organized by role name that store
  13. * the name in value of the 'name' key. The capabilities are stored as an array
  14. * in the value of the 'capability' key.
  15. *
  16. * array (
  17. * 'rolename' => array (
  18. * 'name' => 'rolename',
  19. * 'capabilities' => array()
  20. * )
  21. * )
  22. *
  23. * @since 2.0.0
  24. */
  25. class WP_Roles {
  26. /**
  27. * List of roles and capabilities.
  28. *
  29. * @since 2.0.0
  30. * @access public
  31. * @var array
  32. */
  33. public $roles;
  34. /**
  35. * List of the role objects.
  36. *
  37. * @since 2.0.0
  38. * @access public
  39. * @var array
  40. */
  41. public $role_objects = array();
  42. /**
  43. * List of role names.
  44. *
  45. * @since 2.0.0
  46. * @access public
  47. * @var array
  48. */
  49. public $role_names = array();
  50. /**
  51. * Option name for storing role list.
  52. *
  53. * @since 2.0.0
  54. * @access public
  55. * @var string
  56. */
  57. public $role_key;
  58. /**
  59. * Whether to use the database for retrieval and storage.
  60. *
  61. * @since 2.1.0
  62. * @access public
  63. * @var bool
  64. */
  65. public $use_db = true;
  66. /**
  67. * Constructor
  68. *
  69. * @since 2.0.0
  70. */
  71. public function __construct() {
  72. $this->_init();
  73. }
  74. /**
  75. * Make private/protected methods readable for backward compatibility.
  76. *
  77. * @since 4.0.0
  78. * @access public
  79. *
  80. * @param callable $name Method to call.
  81. * @param array $arguments Arguments to pass when calling.
  82. * @return mixed|false Return value of the callback, false otherwise.
  83. */
  84. public function __call( $name, $arguments ) {
  85. if ( '_init' === $name ) {
  86. return call_user_func_array( array( $this, $name ), $arguments );
  87. }
  88. return false;
  89. }
  90. /**
  91. * Set up the object properties.
  92. *
  93. * The role key is set to the current prefix for the $wpdb object with
  94. * 'user_roles' appended. If the $wp_user_roles global is set, then it will
  95. * be used and the role option will not be updated or used.
  96. *
  97. * @since 2.1.0
  98. * @access protected
  99. *
  100. * @global array $wp_user_roles Used to set the 'roles' property value.
  101. */
  102. protected function _init() {
  103. global $wp_user_roles, $wpdb;
  104. $this->role_key = $wpdb->get_blog_prefix() . 'user_roles';
  105. if ( ! empty( $wp_user_roles ) ) {
  106. $this->roles = $wp_user_roles;
  107. $this->use_db = false;
  108. } else {
  109. $this->roles = get_option( $this->role_key );
  110. }
  111. if ( empty( $this->roles ) )
  112. return;
  113. $this->role_objects = array();
  114. $this->role_names = array();
  115. foreach ( array_keys( $this->roles ) as $role ) {
  116. $this->role_objects[$role] = new WP_Role( $role, $this->roles[$role]['capabilities'] );
  117. $this->role_names[$role] = $this->roles[$role]['name'];
  118. }
  119. /**
  120. * After the roles have been initialized, allow plugins to add their own roles.
  121. *
  122. * @since 4.7.0
  123. *
  124. * @param WP_Roles $this A reference to the WP_Roles object.
  125. */
  126. do_action( 'wp_roles_init', $this );
  127. }
  128. /**
  129. * Reinitialize the object
  130. *
  131. * Recreates the role objects. This is typically called only by switch_to_blog()
  132. * after switching wpdb to a new site ID.
  133. *
  134. * @since 3.5.0
  135. * @deprecated 4.7.0 Use new WP_Roles()
  136. * @access public
  137. */
  138. public function reinit() {
  139. _deprecated_function( __METHOD__, '4.7.0', 'new WP_Roles()' );
  140. $this->_init();
  141. }
  142. /**
  143. * Add role name with capabilities to list.
  144. *
  145. * Updates the list of roles, if the role doesn't already exist.
  146. *
  147. * The capabilities are defined in the following format `array( 'read' => true );`
  148. * To explicitly deny a role a capability you set the value for that capability to false.
  149. *
  150. * @since 2.0.0
  151. * @access public
  152. *
  153. * @param string $role Role name.
  154. * @param string $display_name Role display name.
  155. * @param array $capabilities List of role capabilities in the above format.
  156. * @return WP_Role|void WP_Role object, if role is added.
  157. */
  158. public function add_role( $role, $display_name, $capabilities = array() ) {
  159. if ( empty( $role ) || isset( $this->roles[ $role ] ) ) {
  160. return;
  161. }
  162. $this->roles[$role] = array(
  163. 'name' => $display_name,
  164. 'capabilities' => $capabilities
  165. );
  166. if ( $this->use_db )
  167. update_option( $this->role_key, $this->roles );
  168. $this->role_objects[$role] = new WP_Role( $role, $capabilities );
  169. $this->role_names[$role] = $display_name;
  170. return $this->role_objects[$role];
  171. }
  172. /**
  173. * Remove role by name.
  174. *
  175. * @since 2.0.0
  176. * @access public
  177. *
  178. * @param string $role Role name.
  179. */
  180. public function remove_role( $role ) {
  181. if ( ! isset( $this->role_objects[$role] ) )
  182. return;
  183. unset( $this->role_objects[$role] );
  184. unset( $this->role_names[$role] );
  185. unset( $this->roles[$role] );
  186. if ( $this->use_db )
  187. update_option( $this->role_key, $this->roles );
  188. if ( get_option( 'default_role' ) == $role )
  189. update_option( 'default_role', 'subscriber' );
  190. }
  191. /**
  192. * Add capability to role.
  193. *
  194. * @since 2.0.0
  195. * @access public
  196. *
  197. * @param string $role Role name.
  198. * @param string $cap Capability name.
  199. * @param bool $grant Optional, default is true. Whether role is capable of performing capability.
  200. */
  201. public function add_cap( $role, $cap, $grant = true ) {
  202. if ( ! isset( $this->roles[$role] ) )
  203. return;
  204. $this->roles[$role]['capabilities'][$cap] = $grant;
  205. if ( $this->use_db )
  206. update_option( $this->role_key, $this->roles );
  207. }
  208. /**
  209. * Remove capability from role.
  210. *
  211. * @since 2.0.0
  212. * @access public
  213. *
  214. * @param string $role Role name.
  215. * @param string $cap Capability name.
  216. */
  217. public function remove_cap( $role, $cap ) {
  218. if ( ! isset( $this->roles[$role] ) )
  219. return;
  220. unset( $this->roles[$role]['capabilities'][$cap] );
  221. if ( $this->use_db )
  222. update_option( $this->role_key, $this->roles );
  223. }
  224. /**
  225. * Retrieve role object by name.
  226. *
  227. * @since 2.0.0
  228. * @access public
  229. *
  230. * @param string $role Role name.
  231. * @return WP_Role|null WP_Role object if found, null if the role does not exist.
  232. */
  233. public function get_role( $role ) {
  234. if ( isset( $this->role_objects[$role] ) )
  235. return $this->role_objects[$role];
  236. else
  237. return null;
  238. }
  239. /**
  240. * Retrieve list of role names.
  241. *
  242. * @since 2.0.0
  243. * @access public
  244. *
  245. * @return array List of role names.
  246. */
  247. public function get_names() {
  248. return $this->role_names;
  249. }
  250. /**
  251. * Whether role name is currently in the list of available roles.
  252. *
  253. * @since 2.0.0
  254. * @access public
  255. *
  256. * @param string $role Role name to look up.
  257. * @return bool
  258. */
  259. public function is_role( $role ) {
  260. return isset( $this->role_names[$role] );
  261. }
  262. }