From 495f447b5c13b72c8f37c60ac3c597002b712c23 Mon Sep 17 00:00:00 2001 From: nikitozzzzzzz Date: Sun, 10 Sep 2017 20:06:00 +0300 Subject: [PATCH] - fixed accessible settings and register and password-reset page; - fixed roles filtration on social registration; --- includes/core/class-roles-capabilities.php | 5 +- includes/core/um-actions-access.php | 343 +++++++++++---------- includes/core/um-actions-register.php | 2 +- includes/um-short-functions.php | 13 +- 4 files changed, 191 insertions(+), 172 deletions(-) diff --git a/includes/core/class-roles-capabilities.php b/includes/core/class-roles-capabilities.php index 6606f6c2..8f85d799 100644 --- a/includes/core/class-roles-capabilities.php +++ b/includes/core/class-roles-capabilities.php @@ -103,14 +103,15 @@ if ( ! class_exists( 'Roles_Capabilities' ) ) { $role = $this->um_get_user_role( $user_id ); // User already has this role so no new role is set - if ( $new_role === $role ) { + if ( $new_role === $role || ( ! $this->is_role_custom( $new_role ) && user_can( $user, $new_role ) ) ) { $new_role = false; } else { // Users role is different than the new role // Remove the old UM role - if ( ! empty( $role ) && $this->is_role_custom( $role ) ) + if ( ! empty( $role ) && $this->is_role_custom( $role ) ) { $user->remove_role( $role ); + } // Add the new role if ( ! empty( $new_role ) ) { diff --git a/includes/core/um-actions-access.php b/includes/core/um-actions-access.php index e68715a3..fd077b3c 100644 --- a/includes/core/um-actions-access.php +++ b/includes/core/um-actions-access.php 
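Review bot: The widened condition in the `class-roles-capabilities.php` hunk sets `$new_role = false` whenever the target is a non-custom role for which `user_can( $user, $new_role )` already passes, which skips the `else` arm and with it `$user->remove_role( $role )`. A user in that state therefore keeps the previous custom UM role and its capabilities. If the intent is only to avoid re-adding a role, the removal of the old custom role should stay outside that shortcut. `user_can()` is a capability check being handed a role name, which WordPress discourages as unreliable; assuming `$user` is a `WP_User`, `in_array( $new_role, (array) $user->roles, true )` states the membership test directly. The enclosing method starts and ends outside this hunk.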
@@ -2,193 +2,199 @@ /** * Global Access Settings */ - add_action('um_access_global_settings','um_access_global_settings'); function um_access_global_settings() { global $post, $wp_query; - $access = um_get_option('accessible'); + $access = um_get_option( 'accessible' ); if ( $access == 2 && ! is_user_logged_in() ) { - $redirect = um_get_option( 'access_redirect' ); - if ( ! $redirect ) - $redirect = um_get_core_page('login'); + if ( um_is_core_post( $post, 'register' ) || um_is_core_post( $post, 'password-reset' ) ) { - $redirects[] = untrailingslashit( um_get_core_page('login') ); - $redirects[] = untrailingslashit( um_get_option( 'access_redirect' ) ); + UM()->access()->allow_access = true; - $exclude_uris = um_get_option( 'access_exclude_uris' ); - if ( $exclude_uris ) - $redirects = array_merge( $redirects, $exclude_uris ); + } else { - $redirects = array_unique( $redirects ); + $redirect = um_get_option( 'access_redirect' ); + if ( ! $redirect ) + $redirect = um_get_core_page( 'login' ); - $current_url = UM()->permalinks()->get_current_url( get_option( 'permalink_structure' ) ); - $current_url = untrailingslashit( $current_url ); - $current_url_slash = trailingslashit( $current_url ); + $redirects[] = untrailingslashit( um_get_core_page( 'login' ) ); + $redirects[] = untrailingslashit( um_get_option( 'access_redirect' ) ); - if ( isset( $post->ID ) && ( in_array( $current_url, $redirects ) || in_array( $current_url_slash, $redirects ) ) ) { - // allow - }else { - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - } + $exclude_uris = um_get_option( 'access_exclude_uris' ); + if ( $exclude_uris ) + $redirects = array_merge( $redirects, $exclude_uris ); - // Disallow access in homepage - if( /*is_front_page() ||*/ is_home() ){ - $home_page_accessible = um_get_option( "home_page_accessible" ); - if ( $home_page_accessible == 0 ) { - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + 
$redirects = array_unique( $redirects ); - wp_redirect( UM()->access()->redirect_handler ); exit; - } - - } + $current_url = UM()->permalinks()->get_current_url( get_option( 'permalink_structure' ) ); + $current_url = untrailingslashit( $current_url ); + $current_url_slash = trailingslashit( $current_url ); - // Disallow access in category pages - if ( is_category() ) { - $cat_obj = $wp_query->get_queried_object(); - $restriction = get_term_meta( $cat_obj->term_id, 'um_content_restriction', true ); + if ( isset( $post->ID ) && ( in_array( $current_url, $redirects ) || in_array( $current_url_slash, $redirects ) ) ) { + // allow + }else { + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + } - if ( ! empty( $restriction['_um_custom_access_settings'] ) ) { + // Disallow access in homepage + if( /*is_front_page() ||*/ is_home() ){ + $home_page_accessible = um_get_option( "home_page_accessible" ); + if ( $home_page_accessible == 0 ) { + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - if ( ! isset( $restriction['_um_accessible'] ) || '0' == $restriction['_um_accessible'] ) { - - UM()->access()->allow_access = true; - - } else { - //post is private - if ( '1' == $restriction['_um_accessible'] ) { - //if post for not logged in users and user is not logged in - if ( ! is_user_logged_in() || current_user_can( 'administrator' ) ) { - UM()->access()->allow_access = true; - } else { - if ( ! isset( $restriction['_um_noaccess_action'] ) || '0' == $restriction['_um_noaccess_action'] ) { - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - wp_redirect( UM()->access()->redirect_handler ); exit; - } elseif ( '1' == $restriction['_um_noaccess_action'] ) { - $curr = UM()->permalinks()->get_current_url(); - - if ( ! 
isset( $restriction['_um_access_redirect'] ) || '0' == $restriction['_um_access_redirect'] ) { - - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - wp_redirect( UM()->access()->redirect_handler ); exit; - - } elseif ( '1' == $restriction['_um_access_redirect'] ) { - - if ( ! empty( $restriction['_um_access_redirect_url'] ) ) { - $redirect = $restriction['_um_access_redirect_url']; - } else { - $redirect = esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ); - } - - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - wp_redirect( UM()->access()->redirect_handler ); exit; - } - - } - } - } elseif ( '2' == $restriction['_um_accessible'] ) { - //if post for logged in users and user is not logged in - if ( is_user_logged_in() ) { - - if ( current_user_can( 'administrator' ) ) { - UM()->access()->allow_access = true; - } - - $user_can = $this->user_can( get_current_user_id(), $restriction['_um_access_roles'] ); - - if ( $user_can ) { - UM()->access()->allow_access = true; - } - - - //if single post query - if ( ! isset( $restriction['_um_noaccess_action'] ) || '0' == $restriction['_um_noaccess_action'] ) { - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - wp_redirect( UM()->access()->redirect_handler ); exit; - } elseif ( '1' == $restriction['_um_noaccess_action'] ) { - - $curr = UM()->permalinks()->get_current_url(); - - if ( ! isset( $restriction['_um_access_redirect'] ) || '0' == $restriction['_um_access_redirect'] ) { - - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - wp_redirect( UM()->access()->redirect_handler ); exit; - - } elseif ( '1' == $restriction['_um_access_redirect'] ) { - - if ( ! 
empty( $restriction['_um_access_redirect_url'] ) ) { - $redirect = $restriction['_um_access_redirect_url']; - } else { - $redirect = esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ); - } - - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - wp_redirect( UM()->access()->redirect_handler ); exit; - } - - } - } else { - - //if single post query - if ( ! isset( $restriction['_um_noaccess_action'] ) || '0' == $restriction['_um_noaccess_action'] ) { - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - wp_redirect( UM()->access()->redirect_handler ); exit; - } elseif ( '1' == $restriction['_um_noaccess_action'] ) { - - $curr = UM()->permalinks()->get_current_url(); - - if ( ! isset( $restriction['_um_access_redirect'] ) || '0' == $restriction['_um_access_redirect'] ) { - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - wp_redirect( UM()->access()->redirect_handler ); exit; - } elseif ( '1' == $restriction['_um_access_redirect'] ) { - - if ( ! 
empty( $restriction['_um_access_redirect_url'] ) ) { - $redirect = $restriction['_um_access_redirect_url']; - } else { - $redirect = esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ); - } - - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - wp_redirect( UM()->access()->redirect_handler ); exit; - } - } - } - } - } - } else { - - if ( is_user_logged_in() && current_user_can( 'administrator' ) ) { - UM()->access()->allow_access = true; - } else { - $category_page_accessible = um_get_option( "category_page_accessible" ); - if ( $category_page_accessible == 0 ) { - - UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); - wp_redirect( UM()->access()->redirect_handler ); exit; - - } else { - - UM()->access()->allow_access = true; - - } + wp_redirect( UM()->access()->redirect_handler ); exit; } } - } - } + // Disallow access in category pages + if ( is_category() ) { + $cat_obj = $wp_query->get_queried_object(); + $restriction = get_term_meta( $cat_obj->term_id, 'um_content_restriction', true ); + + if ( ! empty( $restriction['_um_custom_access_settings'] ) ) { + + if ( ! isset( $restriction['_um_accessible'] ) || '0' == $restriction['_um_accessible'] ) { + + UM()->access()->allow_access = true; + + } else { + //post is private + if ( '1' == $restriction['_um_accessible'] ) { + //if post for not logged in users and user is not logged in + if ( ! is_user_logged_in() || current_user_can( 'administrator' ) ) { + UM()->access()->allow_access = true; + } else { + if ( ! isset( $restriction['_um_noaccess_action'] ) || '0' == $restriction['_um_noaccess_action'] ) { + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + wp_redirect( UM()->access()->redirect_handler ); exit; + } elseif ( '1' == $restriction['_um_noaccess_action'] ) { + $curr = UM()->permalinks()->get_current_url(); + + if ( ! 
isset( $restriction['_um_access_redirect'] ) || '0' == $restriction['_um_access_redirect'] ) { + + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + wp_redirect( UM()->access()->redirect_handler ); exit; + + } elseif ( '1' == $restriction['_um_access_redirect'] ) { + + if ( ! empty( $restriction['_um_access_redirect_url'] ) ) { + $redirect = $restriction['_um_access_redirect_url']; + } else { + $redirect = esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ); + } + + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + wp_redirect( UM()->access()->redirect_handler ); exit; + } + + } + } + } elseif ( '2' == $restriction['_um_accessible'] ) { + //if post for logged in users and user is not logged in + if ( is_user_logged_in() ) { + + if ( current_user_can( 'administrator' ) ) { + UM()->access()->allow_access = true; + } + + $user_can = $this->user_can( get_current_user_id(), $restriction['_um_access_roles'] ); + + if ( $user_can ) { + UM()->access()->allow_access = true; + } + + + //if single post query + if ( ! isset( $restriction['_um_noaccess_action'] ) || '0' == $restriction['_um_noaccess_action'] ) { + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + wp_redirect( UM()->access()->redirect_handler ); exit; + } elseif ( '1' == $restriction['_um_noaccess_action'] ) { + + $curr = UM()->permalinks()->get_current_url(); + + if ( ! isset( $restriction['_um_access_redirect'] ) || '0' == $restriction['_um_access_redirect'] ) { + + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + wp_redirect( UM()->access()->redirect_handler ); exit; + + } elseif ( '1' == $restriction['_um_access_redirect'] ) { + + if ( ! 
empty( $restriction['_um_access_redirect_url'] ) ) { + $redirect = $restriction['_um_access_redirect_url']; + } else { + $redirect = esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ); + } + + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + wp_redirect( UM()->access()->redirect_handler ); exit; + } + + } + } else { + + //if single post query + if ( ! isset( $restriction['_um_noaccess_action'] ) || '0' == $restriction['_um_noaccess_action'] ) { + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + wp_redirect( UM()->access()->redirect_handler ); exit; + } elseif ( '1' == $restriction['_um_noaccess_action'] ) { + + $curr = UM()->permalinks()->get_current_url(); + + if ( ! isset( $restriction['_um_access_redirect'] ) || '0' == $restriction['_um_access_redirect'] ) { + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + wp_redirect( UM()->access()->redirect_handler ); exit; + } elseif ( '1' == $restriction['_um_access_redirect'] ) { + + if ( ! 
empty( $restriction['_um_access_redirect_url'] ) ) { + $redirect = $restriction['_um_access_redirect_url']; + } else { + $redirect = esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ); + } + + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + wp_redirect( UM()->access()->redirect_handler ); exit; + } + } + } + } + } + } else { + + if ( is_user_logged_in() && current_user_can( 'administrator' ) ) { + UM()->access()->allow_access = true; + } else { + $category_page_accessible = um_get_option( "category_page_accessible" ); + if ( $category_page_accessible == 0 ) { + + UM()->access()->redirect_handler = UM()->access()->set_referer( $redirect, "global" ); + wp_redirect( UM()->access()->redirect_handler ); exit; + + } else { + + UM()->access()->allow_access = true; + + } + } + + } + } + } + } $current_page_type = um_get_current_page_type(); - do_action("um_access_post_type",$current_page_type); - do_action("um_access_post_type_{$current_page_type}"); + do_action( 'um_access_post_type', $current_page_type ); + do_action( "um_access_post_type_{$current_page_type}" ); } + add_action( 'um_access_global_settings', 'um_access_global_settings' ); + /** * Custom User homepage redirection */ - add_action( "um_access_user_custom_homepage", "um_access_user_custom_homepage" ); function um_access_user_custom_homepage() { if( ! is_user_logged_in() ) return; if ( ! is_home() ) return; @@ -206,11 +212,12 @@ } } + add_action( 'um_access_user_custom_homepage', 'um_access_user_custom_homepage' ); + /** * Front page access settings */ - add_action('um_access_frontpage_per_role','um_access_frontpage_per_role'); function um_access_frontpage_per_role() { global $post; 
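Review bot: In the re-indented category branch of `um_access_global_settings()`, the `'2' == $restriction['_um_accessible']` case calls `$this->user_can( get_current_user_id(), $restriction['_um_access_roles'] )` inside what is declared here as a plain function, where `$this` is not available, so it would raise an Error if it ever ran. That arm also sits under `is_user_logged_in()` inside the outer `$access == 2 && ! is_user_logged_in()` guard, so it looks unreachable and the role list is never evaluated on this path. Either delete the dead arm or move the role enforcement to wherever logged-in requests are handled. Separately, the new `um_is_core_post( $post, 'register' )` test reads the global `$post` before the `isset( $post->ID )` check used further down, so it is worth confirming that helper tolerates an unset `$post` on archive and 404 requests.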
@@ -322,11 +329,12 @@ } } + add_action( 'um_access_frontpage_per_role', 'um_access_frontpage_per_role' ); + /** * Posts page access settings */ - add_action('um_access_homepage_per_role','um_access_homepage_per_role'); function um_access_homepage_per_role() { global $post; @@ -450,12 +458,14 @@ } } } + add_action( 'um_access_homepage_per_role', 'um_access_homepage_per_role' ); - /** - * Profile Access - */ - add_action( 'um_access_profile', 'um_access_profile' ); + /** + * Profile Access + * + * @param int $user_id + */ function um_access_profile( $user_id ) { if ( ! um_is_myprofile() && um_is_core_page( 'user' ) && ! current_user_can( 'edit_users' ) ) { @@ -469,4 +479,5 @@ um_reset_user(); } - } \ No newline at end of file + } + add_action( 'um_access_profile', 'um_access_profile' ); \ No newline at end of file diff --git a/includes/core/um-actions-register.php b/includes/core/um-actions-register.php index 0bcf5a8d..8d8bf0c3 100644 --- a/includes/core/um-actions-register.php +++ b/includes/core/um-actions-register.php @@ -206,7 +206,7 @@ $args['submitted'] = array_merge( $args['submitted'], $credentials ); $args = array_merge( $args, $credentials ); - $user_role = UM()->form()->assigned_role( UM()->form()->form_id ); + $user_role = apply_filters( 'um_registration_user_role', UM()->form()->assigned_role( UM()->form()->form_id ), $args ); $userdata = array( 'user_login' => $user_login, diff --git a/includes/um-short-functions.php b/includes/um-short-functions.php index 05a7d491..efbaf5cd 100644 --- a/includes/um-short-functions.php +++ b/includes/um-short-functions.php @@ -674,9 +674,16 @@ return false; } - /*** - *** @boolean check if we are on a core page or not - ***/ + + /** + * Check if we are on a UM Core Page or not + * + * Default um core pages slugs + * 'user', 'login', 'register', 'members', 'logout', 'account', 'password-reset' + * + * @param string $page UM core page slug + * @return bool + */ function um_is_core_page( $page ) { global $post;
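Review bot: In the `um-actions-register.php` hunk the role written into `$userdata` now comes from the `um_registration_user_role` filter, and nothing visible in the hunk checks the filtered value before use, so any callback that derives the role from request data decides the privileges of the new account. Validate the result after the filter, for example `if ( ! wp_roles()->is_role( $user_role ) ) { $user_role = UM()->form()->assigned_role( UM()->form()->form_id ); }`, and consider refusing roles the form is not configured to grant. The second filter argument is `$args` immediately after `array_merge( $args, $credentials )`, so hooked code receives whatever the credentials array holds. A docblock on the filter should say that and name the expected return type. The enclosing function starts and ends outside the hunk.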