From fdce17d420717ee93c21e3fbf363cbf30c3f1d8e Mon Sep 17 00:00:00 2001 From: nikitozzzzzzz Date: Wed, 8 Nov 2017 13:00:02 +0200 Subject: [PATCH] - fixed user verification content restriction; --- includes/admin/core/class-admin-metabox.php | 424 ++++++++++---------- includes/core/class-access.php | 13 +- 2 files changed, 222 insertions(+), 215 deletions(-) diff --git a/includes/admin/core/class-admin-metabox.php b/includes/admin/core/class-admin-metabox.php index 1374d1f7..1a5c5f7a 100644 --- a/includes/admin/core/class-admin-metabox.php +++ b/includes/admin/core/class-admin-metabox.php @@ -214,111 +214,113 @@ if ( ! class_exists( 'Admin_Metabox' ) ) { function um_category_access_fields_create() { $data = array(); + $fields = apply_filters( 'um_admin_category_access_settings_fields', array( + array( + 'id' => '_um_custom_access_settings', + 'type' => 'checkbox', + 'name' => '_um_custom_access_settings', + 'label' => __( 'Restrict access to this content?', 'ultimate-member' ), + 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), + 'value' => ! empty( $data['_um_custom_access_settings'] ) ? $data['_um_custom_access_settings'] : 0, + ), + array( + 'id' => '_um_accessible', + 'type' => 'select', + 'name' => '_um_accessible', + 'label' => __( 'Who can access this content?', 'ultimate-member' ), + 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), + 'value' => ! empty( $data['_um_accessible'] ) ? $data['_um_accessible'] : 0, + 'options' => array( + '0' => __( 'Everyone', 'ultimate-member' ), + '1' => __( 'Logged out users', 'ultimate-member' ), + '2' => __( 'Logged in users', 'ultimate-member' ), + ), + 'conditional' => array( '_um_custom_access_settings', '=', '1' ) + ), + array( + 'id' => '_um_access_roles', + 'type' => 'multi_checkbox', + 'name' => '_um_access_roles', + 'label' => __( 'Select which roles can access this content', 'ultimate-member' ), + 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), + 'options' => UM()->roles()->get_roles( false, array( 'administrator' ) ), + 'columns' => 3, + 'conditional' => array( '_um_accessible', '=', '2' ) + ), + array( + 'id' => '_um_noaccess_action', + 'type' => 'select', + 'name' => '_um_noaccess_action', + 'label' => __( 'What happens when users without access tries to view the content?', 'ultimate-member' ), + 'description' => __( 'Action when users without access tries to view the content', 'ultimate-member' ), + 'value' => ! empty( $data['_um_noaccess_action'] ) ? $data['_um_noaccess_action'] : 0, + 'options' => array( + '0' => __( 'Show access restricted message', 'ultimate-member' ), + '1' => __( 'Redirect user', 'ultimate-member' ), + ), + 'conditional' => array( '_um_accessible', '!=', '0' ) + ), + array( + 'id' => '_um_restrict_by_custom_message', + 'type' => 'select', + 'name' => '_um_restrict_by_custom_message', + 'label' => __( 'Would you like to use the global default message or apply a custom message to this content?', 'ultimate-member' ), + 'description' => __( 'Action when users without access tries to view the content', 'ultimate-member' ), + 'value' => ! empty( $data['_um_restrict_by_custom_message'] ) ? $data['_um_restrict_by_custom_message'] : '0', + 'options' => array( + '0' => __( 'Global default message (default)', 'ultimate-member' ), + '1' => __( 'Custom message', 'ultimate-member' ), + ), + 'conditional' => array( '_um_noaccess_action', '=', '0' ) + ), + array( + 'id' => '_um_restrict_custom_message', + 'type' => 'wp_editor', + 'name' => '_um_restrict_custom_message', + 'label' => __( 'Custom Restrict Content message', 'ultimate-member' ), + 'description' => __( 'Changed global restrict message', 'ultimate-member' ), + 'value' => ! empty( $data['_um_restrict_custom_message'] ) ? $data['_um_restrict_custom_message'] : '', + 'conditional' => array( '_um_restrict_by_custom_message', '=', '1' ) + ), + array( + 'id' => '_um_access_redirect', + 'type' => 'select', + 'name' => '_um_access_redirect', + 'label' => __( 'Where should users be redirected to?', 'ultimate-member' ), + 'description' => __( 'Select redirect to page when user hasn\'t access to content', 'ultimate-member' ), + 'value' => ! empty( $data['_um_access_redirect'] ) ? $data['_um_access_redirect'] : '0', + 'conditional' => array( '_um_noaccess_action', '=', '1' ), + 'options' => array( + '0' => __( 'Login page', 'ultimate-member' ), + '1' => __( 'Custom URL', 'ultimate-member' ), + ), + ), + array( + 'id' => '_um_access_redirect_url', + 'type' => 'text', + 'name' => '_um_access_redirect_url', + 'label' => __( 'Redirect URL', 'ultimate-member' ), + 'description' => __( 'Changed global restrict message', 'ultimate-member' ), + 'value' => ! empty( $data['_um_access_redirect_url'] ) ? $data['_um_access_redirect_url'] : '', + 'conditional' => array( '_um_access_redirect', '=', '1' ) + ), + array( + 'id' => '_um_access_hide_from_queries', + 'type' => 'checkbox', + 'name' => '_um_access_hide_from_queries', + 'label' => __( 'Hide from queries', 'ultimate-member' ), + 'description' => __( 'Hide this content from archives, RSS feeds etc for users who do not have permission to view this content', 'ultimate-member' ), + 'value' => ! empty( $data['_um_access_hide_from_queries'] ) ? $data['_um_access_hide_from_queries'] : '', + 'conditional' => array( '_um_accessible', '!=', '0' ) + ) + ), $data, 'create' ); + UM()->admin_forms( array( 'class' => 'um-restrict-content um-third-column', 'prefix_id' => 'um_content_restriction', 'without_wrapper' => true, 'div_line' => true, - 'fields' => array( - array( - 'id' => '_um_custom_access_settings', - 'type' => 'checkbox', - 'name' => '_um_custom_access_settings', - 'label' => __( 'Restrict access to this content?', 'ultimate-member' ), - 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), - 'value' => ! empty( $data['_um_custom_access_settings'] ) ? $data['_um_custom_access_settings'] : 0, - ), - array( - 'id' => '_um_accessible', - 'type' => 'select', - 'name' => '_um_accessible', - 'label' => __( 'Who can access this content?', 'ultimate-member' ), - 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), - 'value' => ! empty( $data['_um_accessible'] ) ? $data['_um_accessible'] : 0, - 'options' => array( - '0' => __( 'Everyone', 'ultimate-member' ), - '1' => __( 'Logged out users', 'ultimate-member' ), - '2' => __( 'Logged in users', 'ultimate-member' ), - ), - 'conditional' => array( '_um_custom_access_settings', '=', '1' ) - ), - array( - 'id' => '_um_access_roles', - 'type' => 'multi_checkbox', - 'name' => '_um_access_roles', - 'label' => __( 'Select which roles can access this content', 'ultimate-member' ), - 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), - 'options' => UM()->roles()->get_roles( false, array( 'administrator' ) ), - 'columns' => 3, - 'conditional' => array( '_um_accessible', '=', '2' ) - ), - array( - 'id' => '_um_noaccess_action', - 'type' => 'select', - 'name' => '_um_noaccess_action', - 'label' => __( 'What happens when users without access tries to view the content?', 'ultimate-member' ), - 'description' => __( 'Action when users without access tries to view the content', 'ultimate-member' ), - 'value' => ! empty( $data['_um_noaccess_action'] ) ? $data['_um_noaccess_action'] : 0, - 'options' => array( - '0' => __( 'Show access restricted message', 'ultimate-member' ), - '1' => __( 'Redirect user', 'ultimate-member' ), - ), - 'conditional' => array( '_um_accessible', '!=', '0' ) - ), - array( - 'id' => '_um_restrict_by_custom_message', - 'type' => 'select', - 'name' => '_um_restrict_by_custom_message', - 'label' => __( 'Would you like to use the global default message or apply a custom message to this content?', 'ultimate-member' ), - 'description' => __( 'Action when users without access tries to view the content', 'ultimate-member' ), - 'value' => ! empty( $data['_um_restrict_by_custom_message'] ) ? $data['_um_restrict_by_custom_message'] : '0', - 'options' => array( - '0' => __( 'Global default message (default)', 'ultimate-member' ), - '1' => __( 'Custom message', 'ultimate-member' ), - ), - 'conditional' => array( '_um_noaccess_action', '=', '0' ) - ), - array( - 'id' => '_um_restrict_custom_message', - 'type' => 'wp_editor', - 'name' => '_um_restrict_custom_message', - 'label' => __( 'Custom Restrict Content message', 'ultimate-member' ), - 'description' => __( 'Changed global restrict message', 'ultimate-member' ), - 'value' => ! empty( $data['_um_restrict_custom_message'] ) ? $data['_um_restrict_custom_message'] : '', - 'conditional' => array( '_um_restrict_by_custom_message', '=', '1' ) - ), - array( - 'id' => '_um_access_redirect', - 'type' => 'select', - 'name' => '_um_access_redirect', - 'label' => __( 'Where should users be redirected to?', 'ultimate-member' ), - 'description' => __( 'Select redirect to page when user hasn\'t access to content', 'ultimate-member' ), - 'value' => ! empty( $data['_um_access_redirect'] ) ? $data['_um_access_redirect'] : '0', - 'conditional' => array( '_um_noaccess_action', '=', '1' ), - 'options' => array( - '0' => __( 'Login page', 'ultimate-member' ), - '1' => __( 'Custom URL', 'ultimate-member' ), - ), - ), - array( - 'id' => '_um_access_redirect_url', - 'type' => 'text', - 'name' => '_um_access_redirect_url', - 'label' => __( 'Redirect URL', 'ultimate-member' ), - 'description' => __( 'Changed global restrict message', 'ultimate-member' ), - 'value' => ! empty( $data['_um_access_redirect_url'] ) ? $data['_um_access_redirect_url'] : '', - 'conditional' => array( '_um_access_redirect', '=', '1' ) - ), - array( - 'id' => '_um_access_hide_from_queries', - 'type' => 'checkbox', - 'name' => '_um_access_hide_from_queries', - 'label' => __( 'Hide from queries', 'ultimate-member' ), - 'description' => __( 'Hide this content from archives, RSS feeds etc for users who do not have permission to view this content', 'ultimate-member' ), - 'value' => ! empty( $data['_um_access_hide_from_queries'] ) ? $data['_um_access_hide_from_queries'] : '', - 'conditional' => array( '_um_accessible', '!=', '0' ) - ) - ) + 'fields' => $fields ) )->render_form(); wp_nonce_field( basename( __FILE__ ), 'um_admin_save_taxonomy_restrict_content_nonce' ); @@ -339,120 +341,122 @@ if ( ! class_exists( 'Admin_Metabox' ) ) { } + $fields = apply_filters( 'um_admin_category_access_settings_fields', array( + array( + 'id' => '_um_custom_access_settings', + 'type' => 'checkbox', + 'class' => 'form-field', + 'name' => '_um_custom_access_settings', + 'label' => __( 'Restrict access to this content?', 'ultimate-member' ), + 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), + 'value' => ! empty( $data['_um_custom_access_settings'] ) ? $data['_um_custom_access_settings'] : 0, + ), + array( + 'id' => '_um_accessible', + 'type' => 'select', + 'class' => 'form-field', + 'name' => '_um_accessible', + 'label' => __( 'Who can access this content?', 'ultimate-member' ), + 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), + 'value' => ! empty( $data['_um_accessible'] ) ? $data['_um_accessible'] : 0, + 'options' => array( + '0' => __( 'Everyone', 'ultimate-member' ), + '1' => __( 'Logged out users', 'ultimate-member' ), + '2' => __( 'Logged in users', 'ultimate-member' ), + ), + 'conditional' => array( '_um_custom_access_settings', '=', '1' ) + ), + array( + 'id' => '_um_access_roles', + 'type' => 'multi_checkbox', + 'class' => 'form-field', + 'name' => '_um_access_roles', + 'label' => __( 'Select which roles can access this content', 'ultimate-member' ), + 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), + 'value' => $_um_access_roles_value, + 'options' => UM()->roles()->get_roles( false, array( 'administrator' ) ), + 'columns' => 3, + 'conditional' => array( '_um_accessible', '=', '2' ) + ), + array( + 'id' => '_um_noaccess_action', + 'type' => 'select', + 'class' => 'form-field', + 'name' => '_um_noaccess_action', + 'label' => __( 'What happens when users without access tries to view the content?', 'ultimate-member' ), + 'description' => __( 'Action when users without access tries to view the content', 'ultimate-member' ), + 'value' => ! empty( $data['_um_noaccess_action'] ) ? $data['_um_noaccess_action'] : 0, + 'options' => array( + '0' => __( 'Show access restricted message', 'ultimate-member' ), + '1' => __( 'Redirect user', 'ultimate-member' ), + ), + 'conditional' => array( '_um_accessible', '!=', '0' ) + ), + array( + 'id' => '_um_restrict_by_custom_message', + 'type' => 'select', + 'class' => 'form-field', + 'name' => '_um_restrict_by_custom_message', + 'label' => __( 'Would you like to use the global default message or apply a custom message to this content?', 'ultimate-member' ), + 'description' => __( 'Action when users without access tries to view the content', 'ultimate-member' ), + 'value' => ! empty( $data['_um_restrict_by_custom_message'] ) ? $data['_um_restrict_by_custom_message'] : '0', + 'options' => array( + '0' => __( 'Global default message (default)', 'ultimate-member' ), + '1' => __( 'Custom message', 'ultimate-member' ), + ), + 'conditional' => array( '_um_noaccess_action', '=', '0' ) + ), + array( + 'id' => '_um_restrict_custom_message', + 'type' => 'wp_editor', + 'class' => 'form-field', + 'name' => '_um_restrict_custom_message', + 'label' => __( 'Custom Restrict Content message', 'ultimate-member' ), + 'description' => __( 'Changed global restrict message', 'ultimate-member' ), + 'value' => ! empty( $data['_um_restrict_custom_message'] ) ? $data['_um_restrict_custom_message'] : '', + 'conditional' => array( '_um_restrict_by_custom_message', '=', '1' ) + ), + array( + 'id' => '_um_access_redirect', + 'type' => 'select', + 'class' => 'form-field', + 'name' => '_um_access_redirect', + 'label' => __( 'Where should users be redirected to?', 'ultimate-member' ), + 'description' => __( 'Select redirect to page when user hasn\'t access to content', 'ultimate-member' ), + 'value' => ! empty( $data['_um_access_redirect'] ) ? $data['_um_access_redirect'] : '0', + 'conditional' => array( '_um_noaccess_action', '=', '1' ), + 'options' => array( + '0' => __( 'Login page', 'ultimate-member' ), + '1' => __( 'Custom URL', 'ultimate-member' ), + ), + ), + array( + 'id' => '_um_access_redirect_url', + 'type' => 'text', + 'class' => 'form-field', + 'name' => '_um_access_redirect_url', + 'label' => __( 'Redirect URL', 'ultimate-member' ), + 'description' => __( 'Changed global restrict message', 'ultimate-member' ), + 'value' => ! empty( $data['_um_access_redirect_url'] ) ? $data['_um_access_redirect_url'] : '', + 'conditional' => array( '_um_access_redirect', '=', '1' ) + ), + array( + 'id' => '_um_access_hide_from_queries', + 'type' => 'checkbox', + 'class' => 'form-field', + 'name' => '_um_access_hide_from_queries', + 'label' => __( 'Hide from queries', 'ultimate-member' ), + 'description' => __( 'Hide this content from archives, RSS feeds etc for users who do not have permission to view this content', 'ultimate-member' ), + 'value' => ! empty( $data['_um_access_hide_from_queries'] ) ? $data['_um_access_hide_from_queries'] : '', + 'conditional' => array( '_um_accessible', '!=', '0' ) + ) + ), $data, 'edit' ); + UM()->admin_forms( array( 'class' => 'um-restrict-content um-third-column', 'prefix_id' => 'um_content_restriction', 'without_wrapper' => true, - 'fields' => array( - array( - 'id' => '_um_custom_access_settings', - 'type' => 'checkbox', - 'class' => 'form-field', - 'name' => '_um_custom_access_settings', - 'label' => __( 'Restrict access to this content?', 'ultimate-member' ), - 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), - 'value' => ! empty( $data['_um_custom_access_settings'] ) ? $data['_um_custom_access_settings'] : 0, - ), - array( - 'id' => '_um_accessible', - 'type' => 'select', - 'class' => 'form-field', - 'name' => '_um_accessible', - 'label' => __( 'Who can access this content?', 'ultimate-member' ), - 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), - 'value' => ! empty( $data['_um_accessible'] ) ? $data['_um_accessible'] : 0, - 'options' => array( - '0' => __( 'Everyone', 'ultimate-member' ), - '1' => __( 'Logged out users', 'ultimate-member' ), - '2' => __( 'Logged in users', 'ultimate-member' ), - ), - 'conditional' => array( '_um_custom_access_settings', '=', '1' ) - ), - array( - 'id' => '_um_access_roles', - 'type' => 'multi_checkbox', - 'class' => 'form-field', - 'name' => '_um_access_roles', - 'label' => __( 'Select which roles can access this content', 'ultimate-member' ), - 'description' => __( 'Activate content restriction for this post', 'ultimate-member' ), - 'value' => $_um_access_roles_value, - 'options' => UM()->roles()->get_roles( false, array( 'administrator' ) ), - 'columns' => 3, - 'conditional' => array( '_um_accessible', '=', '2' ) - ), - array( - 'id' => '_um_noaccess_action', - 'type' => 'select', - 'class' => 'form-field', - 'name' => '_um_noaccess_action', - 'label' => __( 'What happens when users without access tries to view the content?', 'ultimate-member' ), - 'description' => __( 'Action when users without access tries to view the content', 'ultimate-member' ), - 'value' => ! empty( $data['_um_noaccess_action'] ) ? $data['_um_noaccess_action'] : 0, - 'options' => array( - '0' => __( 'Show access restricted message', 'ultimate-member' ), - '1' => __( 'Redirect user', 'ultimate-member' ), - ), - 'conditional' => array( '_um_accessible', '!=', '0' ) - ), - array( - 'id' => '_um_restrict_by_custom_message', - 'type' => 'select', - 'class' => 'form-field', - 'name' => '_um_restrict_by_custom_message', - 'label' => __( 'Would you like to use the global default message or apply a custom message to this content?', 'ultimate-member' ), - 'description' => __( 'Action when users without access tries to view the content', 'ultimate-member' ), - 'value' => ! empty( $data['_um_restrict_by_custom_message'] ) ? $data['_um_restrict_by_custom_message'] : '0', - 'options' => array( - '0' => __( 'Global default message (default)', 'ultimate-member' ), - '1' => __( 'Custom message', 'ultimate-member' ), - ), - 'conditional' => array( '_um_noaccess_action', '=', '0' ) - ), - array( - 'id' => '_um_restrict_custom_message', - 'type' => 'wp_editor', - 'class' => 'form-field', - 'name' => '_um_restrict_custom_message', - 'label' => __( 'Custom Restrict Content message', 'ultimate-member' ), - 'description' => __( 'Changed global restrict message', 'ultimate-member' ), - 'value' => ! empty( $data['_um_restrict_custom_message'] ) ? $data['_um_restrict_custom_message'] : '', - 'conditional' => array( '_um_restrict_by_custom_message', '=', '1' ) - ), - array( - 'id' => '_um_access_redirect', - 'type' => 'select', - 'class' => 'form-field', - 'name' => '_um_access_redirect', - 'label' => __( 'Where should users be redirected to?', 'ultimate-member' ), - 'description' => __( 'Select redirect to page when user hasn\'t access to content', 'ultimate-member' ), - 'value' => ! empty( $data['_um_access_redirect'] ) ? $data['_um_access_redirect'] : '0', - 'conditional' => array( '_um_noaccess_action', '=', '1' ), - 'options' => array( - '0' => __( 'Login page', 'ultimate-member' ), - '1' => __( 'Custom URL', 'ultimate-member' ), - ), - ), - array( - 'id' => '_um_access_redirect_url', - 'type' => 'text', - 'class' => 'form-field', - 'name' => '_um_access_redirect_url', - 'label' => __( 'Redirect URL', 'ultimate-member' ), - 'description' => __( 'Changed global restrict message', 'ultimate-member' ), - 'value' => ! empty( $data['_um_access_redirect_url'] ) ? $data['_um_access_redirect_url'] : '', - 'conditional' => array( '_um_access_redirect', '=', '1' ) - ), - array( - 'id' => '_um_access_hide_from_queries', - 'type' => 'checkbox', - 'class' => 'form-field', - 'name' => '_um_access_hide_from_queries', - 'label' => __( 'Hide from queries', 'ultimate-member' ), - 'description' => __( 'Hide this content from archives, RSS feeds etc for users who do not have permission to view this content', 'ultimate-member' ), - 'value' => ! empty( $data['_um_access_hide_from_queries'] ) ? $data['_um_access_hide_from_queries'] : '', - 'conditional' => array( '_um_accessible', '!=', '0' ) - ) - ) + 'fields' => $fields ) )->render_form(); wp_nonce_field( basename( __FILE__ ), 'um_admin_save_taxonomy_restrict_content_nonce' ); diff --git a/includes/core/class-access.php b/includes/core/class-access.php index 9f97d8ff..59cb526f 100644 --- a/includes/core/class-access.php +++ b/includes/core/class-access.php @@ -148,7 +148,7 @@ if ( ! class_exists( 'Access' ) ) { $restricted_posts = um_get_option( 'restricted_access_post_metabox' ); - if ( ! empty( $restricted_posts[$post->post_type] ) ) { + if ( ! empty( $restricted_posts[ $post->post_type ] ) ) { $restriction = get_post_meta( $post->ID, 'um_content_restriction', true ); if ( ! empty( $restriction['_um_custom_access_settings'] ) ) { @@ -291,16 +291,16 @@ if ( ! class_exists( 'Access' ) ) { continue; } + $custom_restrict = apply_filters( 'um_custom_restriction', true, $restriction ); if ( ! empty( $restriction['_um_access_roles'] ) ) $user_can = $this->user_can( get_current_user_id(), $restriction['_um_access_roles'] ); - if ( isset( $user_can ) && $user_can ) { + if ( isset( $user_can ) && $user_can && $custom_restrict ) { $filtered_posts[] = $post; continue; } - if ( empty( $query->is_singular ) ) { //if not single query when exclude if set _um_access_hide_from_queries if ( empty( $restriction['_um_access_hide_from_queries'] ) ) { @@ -467,9 +467,12 @@ if ( ! class_exists( 'Access' ) ) { //if post for logged in users and user is not logged in if ( is_user_logged_in() ) { - $user_can = $this->user_can( get_current_user_id(), $restriction['_um_access_roles'] ); + $custom_restrict = apply_filters( 'um_custom_restriction', true, $restriction ); - if ( $user_can ) { + if ( ! empty( $restriction['_um_access_roles'] ) ) + $user_can = $this->user_can( get_current_user_id(), $restriction['_um_access_roles'] ); + + if ( isset( $user_can ) && $user_can && $custom_restrict ) { $filtered_items[] = $menu_item; continue; }