[wp-hackers] User Capabilities
Owen Winkler
ringmaster at midnightcircus.com
Sun Jul 10 12:38:44 GMT 2005
David House wrote:
>I'm trying to try this out! What program are you both using to
>generate your diffs? GNU patch 2.5.9 is erroring on every single hunk;
>I can't apply that diff.
>
>There's no svn subcommand that will apply patches, is there? I don't
>think svn merge does it.
>
>
Oops. I think maybe this diff will work better. (The capabilities.php
is the same as the last.)
I'm using TortoiseSVN on Windows to generate and apply patches. I
hacked up the last one a bit to remove some media functions from the
patch and I think I mangled the section for functions.php in the
process, but I tried this patch myself on a fresh svn Update and it
worked swell.
I know that command-line svn offers diff output (via svn diff), but I
don't see the command to apply a patch from SVN. Maybe give GNU patch
another try with the included diff?
Owen
-------------- next part --------------
Index: functions.php
===================================================================
--- wp-includes/functions.php (revision 2702)
+++ wp-includes/functions.php (working copy)
@@ -1218,32 +1218,11 @@
function update_category_cache() {
global $cache_categories, $wpdb;
- $dogs = $wpdb->get_results("SELECT * FROM $wpdb->categories");
- foreach ($dogs as $catt)
- $cache_categories[$catt->cat_ID] = $catt;
-}
-
-function update_user_cache() {
- global $cache_userdata, $wpdb;
- $level_key = $wpdb->prefix . 'user_level';
- $user_ids = $wpdb->get_col("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'");
- $user_ids = join(',', $user_ids);
- $query = apply_filters('user_cache_query', "SELECT * FROM $wpdb->users WHERE ID IN ($user_ids)");
- if ( $users = $wpdb->get_results( $query ) ) :
- foreach ($users as $user) :
- $metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user->ID'");
- foreach ( $metavalues as $meta ) {
- $user->{$meta->meta_key} = $meta->meta_value;
- // We need to set user_level from meta, not row
- if ( $wpdb->prefix . 'user_level' == $meta->meta_key )
- $user->user_level = $meta->meta_value;
- }
-
- $cache_userdata[$user->ID] = $user;
- $cache_userdata[$user->user_login] =& $cache_userdata[$user->ID];
- endforeach;
+ if($dogs = $wpdb->get_results("SELECT * FROM $wpdb->categories")):
+ foreach ($dogs as $catt)
+ $cache_categories[$catt->cat_ID] = $catt;
return true;
- else :
+ else:
return false;
endif;
}
@@ -1959,11 +1938,38 @@
@ header('Pragma: no-cache');
}
+function get_usermeta( $user_id, $meta_key = '') {
+ global $wpdb;
+ $user_id = (int) $user_id;
+
+ if ( !empty($meta_key) ) {
+ $meta_key = preg_replace('|a-z0-9_|i', '', $meta_key);
+ $metas = $wpdb->get_results("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id' AND meta_key = '$meta_key'");
+ } else {
+ $metas = $wpdb->get_results("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id'");
+ }
+
+ foreach ($metas as $index => $meta) {
+ @ $value = unserialize($meta->meta_key);
+ if ($value !== FALSE)
+ $metas[$index]->meta_key = $value;
+ }
+
+ if ( !empty($meta_key) )
+ return $metas[0];
+ else
+ return $metas;
+}
+
function update_usermeta( $user_id, $meta_key, $meta_value ) {
global $wpdb;
if ( !is_numeric( $user_id ) )
return false;
$meta_key = preg_replace('|a-z0-9_|i', '', $meta_key);
+
+ if ( is_array($meta_value) || is_object($meta_value) )
+ $meta_value = serialize($meta_value);
+
$cur = $wpdb->get_row("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id' AND meta_key = '$meta_key'");
if ( !$cur ) {
$wpdb->query("INSERT INTO $wpdb->usermeta ( user_id, meta_key, meta_value )
@@ -1991,4 +1997,4 @@
return preg_replace('/^.*wp-content[\\\\\/]plugins[\\\\\/]/', '', $file);
}
-?>
\ No newline at end of file
+?>
Index: wp-includes/pluggable-functions.php
===================================================================
--- wp-includes/pluggable-functions.php (revision 2702)
+++ wp-includes/pluggable-functions.php (working copy)
@@ -19,7 +19,8 @@
$user_url = $userdata->user_url;
$user_pass_md5 = md5($userdata->user_pass);
$user_identity = $userdata->display_name;
- $current_user = $userdata;
+ if ( empty($current_user) )
+ $current_user = new WP_User($user_ID);
}
endif;
@@ -29,7 +30,7 @@
$user_id = (int) $user_id;
if ( $user_id == 0 )
return false;
-
+
if ( isset( $cache_userdata[$user_id] ) )
return $cache_userdata[$user_id];
@@ -39,20 +40,53 @@
$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user_id'");
foreach ( $metavalues as $meta ) {
- $user->{$meta->meta_key} = $meta->meta_value;
+ @ $value = unserialize($meta->meta_value);
+ if ($value === FALSE)
+ $value = $meta->meta_value;
+ $user->{$meta->meta_key} = $value;
+
// We need to set user_level from meta, not row
if ( $wpdb->prefix . 'user_level' == $meta->meta_key )
$user->user_level = $meta->meta_value;
}
$cache_userdata[$user_id] = $user;
-
$cache_userdata[$cache_userdata[$userid]->user_login] =& $cache_userdata[$user_id];
return $cache_userdata[$user_id];
}
endif;
+if ( !function_exists('update_user_cache') ) :
+function update_user_cache() {
+ global $cache_userdata, $wpdb;
+ $level_key = $wpdb->prefix . 'user_level';
+ $user_ids = $wpdb->get_col("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'");
+ $user_ids = join(',', $user_ids);
+ $query = apply_filters('user_cache_query', "SELECT * FROM $wpdb->users WHERE ID IN ($user_ids)");
+ if ( $users = $wpdb->get_results( $query ) ) :
+ foreach ($users as $user) :
+ $metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user->ID'");
+ foreach ( $metavalues as $meta ) {
+ @ $value = unserialize($meta->meta_value);
+ if ($value === FALSE)
+ $value = $meta->meta_value;
+ $user->{$meta->meta_key} = $value;
+ // We need to set user_level from meta, not row
+ if ( $wpdb->prefix . 'user_level' == $meta->meta_key )
+ $user->user_level = $meta->meta_value;
+ }
+
+ $cache_userdata[$user->ID] = $user;
+ $cache_userdata[$user->user_login] =& $cache_userdata[$user->ID];
+ endforeach;
+ return true;
+ else :
+ return false;
+ endif;
+}
+endif;
+
if ( !function_exists('get_userdatabylogin') ) :
function get_userdatabylogin($user_login) {
global $cache_userdata, $wpdb;
Index: wp-settings.php
===================================================================
--- wp-settings.php (revision 2702)
+++ wp-settings.php (working copy)
@@ -74,7 +74,7 @@
require_once (ABSPATH . WPINC . '/wp-l10n.php');
$wpdb->hide_errors();
-if ( !update_user_cache() && (!strstr($_SERVER['PHP_SELF'], 'install.php') && !defined('WP_INSTALLING')) ) {
+if ( !update_category_cache() && (!strstr($_SERVER['PHP_SELF'], 'install.php') && !defined('WP_INSTALLING')) ) {
if ( strstr($_SERVER['PHP_SELF'], 'wp-admin') )
$link = 'install.php';
else
@@ -85,6 +85,7 @@
require (ABSPATH . WPINC . '/functions-formatting.php');
require (ABSPATH . WPINC . '/functions-post.php');
+require (ABSPATH . WPINC . '/capabilities.php');
require (ABSPATH . WPINC . '/classes.php');
require (ABSPATH . WPINC . '/template-functions-general.php');
require (ABSPATH . WPINC . '/template-functions-links.php');
@@ -160,7 +161,8 @@
$wp_query = new WP_Query();
$wp_rewrite = new WP_Rewrite();
$wp = new WP();
+$wp_roles = new WP_Roles();
// Everything is loaded and initialized.
do_action('init');
-?>
\ No newline at end of file
+?>
Index: wp-admin/post.php
===================================================================
--- wp-admin/post.php (revision 2702)
+++ wp-admin/post.php (working copy)
@@ -66,7 +66,7 @@
$post_ID = $p = (int) $_GET['post'];
- if ( !user_can_edit_post($user_ID, $post_ID) )
+ if ( !current_user_can('edit_post', $post_ID) )
die ( __('You are not allowed to edit this post.') );
if ( !user_can_edit_post($user_ID, $post_ID) )
@@ -322,7 +322,7 @@
<div class="updated"><p><?php printf(__('Post saved. <a href="%s">View site »</a>'), get_bloginfo('home')); ?></p></div>
<?php endif; ?>
<?php
- if ( user_can_create_draft($user_ID) ) {
+ if (user_can_create_draft($user_ID)) {
$action = 'post';
get_currentuserinfo();
if ( $drafts = get_users_drafts( $user_ID ) ) {
@@ -332,13 +332,13 @@
<?php
for ( $i = 0; $i < 15; $i++ ) {
$draft = $drafts[$i];
- if ( 0 != $i )
+ if (0 != $i)
echo ', ';
$draft->post_title = stripslashes($draft->post_title);
if ( empty($draft->post_title) )
$draft->post_title = sprintf(__('Post # %s'), $draft->ID);
echo "<a href='post.php?action=edit&post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
- }
+ }
?>
<?php if ( 15 < count($drafts) ) { ?>
, <a href="edit.php"><?php echo sprintf(__('and %s more'), (count($drafts) - 15) ); ?> »</a>
Index: wp-admin/upgrade-functions.php
===================================================================
--- wp-admin/upgrade-functions.php (revision 2702)
+++ wp-admin/upgrade-functions.php (working copy)
@@ -226,8 +226,11 @@
update_usermeta( $user->ID, 'last_name', $wpdb->escape($user->user_lastname) );
if ( !empty( $user->user_nickname ) )
update_usermeta( $user->ID, 'nickname', $wpdb->escape($user->user_nickname) );
- if ( !empty( $user->user_level ) )
+ if ( !empty( $user->user_level ) ) {
update_usermeta( $user->ID, $table_prefix . 'user_level', $user->user_level );
+ $role = translate_level_to_role($user->user_level);
+ update_usermeta( $user->ID, $table_prefix . 'capabilities', array($role => true) );
+ }
if ( !empty( $user->user_icq ) )
update_usermeta( $user->ID, 'icq', $wpdb->escape($user->user_icq) );
if ( !empty( $user->user_aim ) )
@@ -749,4 +752,27 @@
}
return $template;
}
-?>
\ No newline at end of file
+
+function translate_level_to_role($level) {
+ switch ($level) {
+ case 10:
+ case 9:
+ case 8:
+ return 'publisher';
+ case 7:
+ case 6:
+ case 5:
+ return 'managing_editor';
+ case 4:
+ case 3:
+ return 'copy_editor';
+ case 2:
+ return 'staff_writer';
+ case 1:
+ return 'freelancer';
+ case 0:
+ return 'visitor';
+ }
+}
+
+?>
Index: wp-admin/upgrade-schema.php
===================================================================
--- wp-admin/upgrade-schema.php (revision 2702)
+++ wp-admin/upgrade-schema.php (working copy)
@@ -216,6 +216,8 @@
// 1.5.1
add_option('use_trackback', 0);
+ populate_roles();
+
// Delete unused options
$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl', 'weblogs_xml_url');
foreach ($unusedoptions as $option) :
@@ -229,4 +231,101 @@
endforeach;
}
+function populate_roles() {
+ global $table_prefix;
+
+ $roles = array ('publisher' =>
+ array('name' => __('Publisher'),
+ 'capabilities' => array(
+ 'edit_posts' => true,
+ 'edit_others_posts' => true,
+ 'edit_published_posts' => true,
+ 'publish_posts' => true,
+ 'edit_pages' => true,
+ 'manage_categories' => true,
+ 'manage_links' => true,
+ 'upload_images' => true,
+ 'manage_options' => true,
+ 'switch_themes' => true,
+ 'edit_themes' => true,
+ 'activate_plugins' => true,
+ 'edit_plugins' => true,
+ 'edit_users' => true,
+ 'edit_files' => true,
+ 'read' => true,
+ 'level_10' => true,
+ 'level_9' => true,
+ 'level_8' => true
+ )),
+
+ 'managing_editor' =>
+ array('name' => __('Managing Editor'),
+ 'capabilities' => array(
+ 'edit_posts' => true,
+ 'edit_others_posts' => true,
+ 'edit_published_posts' => true,
+ 'publish_posts' => true,
+ 'edit_pages' => true,
+ 'manage_categories' => true,
+ 'manage_links' => true,
+ 'upload_images' => true,
+ 'read' => true,
+ 'level_7' => true,
+ 'level_6' => true,
+ 'level_5' => true
+ )),
+
+ 'copy_editor' =>
+ array('name' => __('Copy Editor'),
+ 'capabilities' => array(
+ 'edit_posts' => true,
+ 'edit_others_posts' => true,
+ 'edit_published_posts' => true,
+ 'publish_posts' => true,
+ 'edit_pages' => true,
+ 'upload_images' => true,
+ 'read' => true,
+ 'level_4' => true,
+ 'level_3' => true
+ )),
+
+ 'staff_writer' =>
+ array('name' => __('Staff Writer'),
+ 'capabilities' => array(
+ 'edit_posts' => true,
+ 'publish_posts' => true,
+ 'upload_images' => true,
+ 'read' => true,
+ 'level_2' => true
+ )),
+
+ 'freelancer' =>
+ array('name' => __('Freelancer'),
+ 'capabilities' => array(
+ 'edit_posts' => true,
+ 'read' => true,
+ 'level_1' => true
+ )),
+
+ 'designer' =>
+ array('name' => __('Designer'),
+ 'capabilities' => array(
+ 'edit_themes' => true,
+ 'read' => true
+ )),
+
+ 'subscriber' =>
+ array('name' => __('Subscriber'),
+ 'capabilities' => array(
+ 'read' => true,
+ 'level_0' => true
+ )),
+
+ 'inactive' =>
+ array('name' => __('Inactive'),
+ 'capabilities' => array())
+ );
+
+ add_option($table_prefix . 'user_roles', $roles);
+}
?>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: capabilities.php
Type: text/x-patch
Size: 6173 bytes
Desc: not available
Url : http://comox.textdrive.com/pipermail/wp-hackers/attachments/20050710/100d9b60/capabilities.bin
More information about the wp-hackers
mailing list