<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[15890] trunk/wp-includes:
Rough first pass on map_meta_cap for custom post types.</title>
</head>
<body>
<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/15890">15890</a></dd>
<dt>Author</dt> <dd>nacin</dd>
<dt>Date</dt> <dd>2010-10-21 14:40:04 +0000 (Thu, 21 Oct 2010)</dd>
</dl>
<h3>Log Message</h3>
<pre>Rough first pass on map_meta_cap for custom post types. see <a href="http://trac.wordpress.org/ticket/14122">#14122</a>.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpincludescapabilitiesphp">trunk/wp-includes/capabilities.php</a></li>
<li><a href="#trunkwpincludespostphp">trunk/wp-includes/post.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpincludescapabilitiesphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-includes/capabilities.php (15889 => 15890)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-includes/capabilities.php 2010-10-21 14:20:40 UTC (rev 15889)
+++ trunk/wp-includes/capabilities.php 2010-10-21 14:40:04 UTC (rev 15890)
</span><span class="lines">@@ -817,11 +817,12 @@
</span><span class="cx"> $caps[] = 'edit_users'; // Explicit due to primitive fall through
</span><span class="cx"> break;
</span><span class="cx"> case 'delete_post':
</span><ins>+ case 'delete_page':
</ins><span class="cx"> $author_data = get_userdata( $user_id );
</span><span class="cx"> //echo "post ID: {$args[0]}<br />";
</span><span class="cx"> $post = get_post( $args[0] );
</span><span class="cx"> $post_type = get_post_type_object( $post->post_type );
</span><del>- if ( $post_type && 'post' != $post_type->capability_type ) {
</del><ins>+ if ( 'delete_post' == $cap && $post_type && 'post' != $post_type->capability_type && ! $post_type->map_meta_cap ) {
</ins><span class="cx"> $args = array_merge( array( $post_type->cap->delete_post, $user_id ), $args );
</span><span class="cx"> return call_user_func_array( 'map_meta_cap', $args );
</span><span class="cx"> }
</span><span class="lines">@@ -837,69 +838,34 @@
</span><span class="cx"> if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID ) {
</span><span class="cx"> // If the post is published...
</span><span class="cx"> if ( 'publish' == $post->post_status ) {
</span><del>- $caps[] = 'delete_published_posts';
</del><ins>+ $caps[] = $post_type->cap->delete_published_posts;
</ins><span class="cx"> } elseif ( 'trash' == $post->post_status ) {
</span><span class="cx"> if ('publish' == get_post_meta($post->ID, '_wp_trash_meta_status', true) )
</span><del>- $caps[] = 'delete_published_posts';
</del><ins>+ $caps[] = $post_type->cap->delete_published_posts;
</ins><span class="cx"> } else {
</span><span class="cx"> // If the post is draft...
</span><del>- $caps[] = 'delete_posts';
</del><ins>+ $caps[] = $post_type->cap->delete_posts;
</ins><span class="cx"> }
</span><span class="cx"> } else {
</span><span class="cx"> // The user is trying to edit someone else's post.
</span><del>- $caps[] = 'delete_others_posts';
</del><ins>+ $caps[] = $post_type->cap->delete_others_posts;
</ins><span class="cx"> // The post is published, extra cap required.
</span><span class="cx"> if ( 'publish' == $post->post_status )
</span><del>- $caps[] = 'delete_published_posts';
</del><ins>+ $caps[] = $post_type->cap->delete_published_posts;
</ins><span class="cx"> elseif ( 'private' == $post->post_status )
</span><del>- $caps[] = 'delete_private_posts';
</del><ins>+ $caps[] = $post_type->cap->delete_private_posts;
</ins><span class="cx"> }
</span><span class="cx"> break;
</span><del>- case 'delete_page':
- $author_data = get_userdata( $user_id );
- //echo "post ID: {$args[0]}<br />";
- $page = get_page( $args[0] );
- $page_author_data = get_userdata( $page->post_author );
- //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
- // If the user is the author...
-
- if ('' != $page->post_author) {
- $page_author_data = get_userdata( $page->post_author );
- } else {
- //No author set yet so default to current user for cap checks
- $page_author_data = $author_data;
- }
-
- if ( is_object( $page_author_data ) && $user_id == $page_author_data->ID ) {
- // If the page is published...
- if ( $page->post_status == 'publish' ) {
- $caps[] = 'delete_published_pages';
- } elseif ( 'trash' == $page->post_status ) {
- if ('publish' == get_post_meta($page->ID, '_wp_trash_meta_status', true) )
- $caps[] = 'delete_published_pages';
- } else {
- // If the page is draft...
- $caps[] = 'delete_pages';
- }
- } else {
- // The user is trying to edit someone else's page.
- $caps[] = 'delete_others_pages';
- // The page is published, extra cap required.
- if ( $page->post_status == 'publish' )
- $caps[] = 'delete_published_pages';
- elseif ( $page->post_status == 'private' )
- $caps[] = 'delete_private_pages';
- }
- break;
</del><span class="cx"> // edit_post breaks down to edit_posts, edit_published_posts, or
</span><span class="cx"> // edit_others_posts
</span><span class="cx"> case 'edit_post':
</span><ins>+ case 'edit_page':
</ins><span class="cx"> $author_data = get_userdata( $user_id );
</span><span class="cx"> //echo "post ID: {$args[0]}<br />";
</span><span class="cx"> $post = get_post( $args[0] );
</span><span class="cx">
</span><span class="cx"> $post_type = get_post_type_object( $post->post_type );
</span><del>- if ( $post_type && 'post' != $post_type->capability_type ) {
</del><ins>+ if ( 'edit_post' == $cap && $post_type && 'post' != $post_type->capability_type && ! $post_type->map_meta_cap ) {
</ins><span class="cx"> $args = array_merge( array( $post_type->cap->edit_post, $user_id ), $args );
</span><span class="cx"> return call_user_func_array( 'map_meta_cap', $args );
</span><span class="cx"> }
</span><span class="lines">@@ -909,87 +875,45 @@
</span><span class="cx"> if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID ) {
</span><span class="cx"> // If the post is published...
</span><span class="cx"> if ( 'publish' == $post->post_status ) {
</span><del>- $caps[] = 'edit_published_posts';
</del><ins>+ $caps[] = $post_type->cap->edit_published_posts;
</ins><span class="cx"> } elseif ( 'trash' == $post->post_status ) {
</span><span class="cx"> if ('publish' == get_post_meta($post->ID, '_wp_trash_meta_status', true) )
</span><del>- $caps[] = 'edit_published_posts';
</del><ins>+ $caps[] = $post_type->cap->edit_published_posts;
</ins><span class="cx"> } else {
</span><span class="cx"> // If the post is draft...
</span><del>- $caps[] = 'edit_posts';
</del><ins>+ $caps[] = $post_type->cap->edit_posts;
</ins><span class="cx"> }
</span><span class="cx"> } else {
</span><span class="cx"> // The user is trying to edit someone else's post.
</span><del>- $caps[] = 'edit_others_posts';
</del><ins>+ $caps[] = $post_type->cap->edit_others_posts;
</ins><span class="cx"> // The post is published, extra cap required.
</span><span class="cx"> if ( 'publish' == $post->post_status )
</span><del>- $caps[] = 'edit_published_posts';
</del><ins>+ $caps[] = $post_type->cap->edit_published_posts;
</ins><span class="cx"> elseif ( 'private' == $post->post_status )
</span><del>- $caps[] = 'edit_private_posts';
</del><ins>+ $caps[] = $post_type->cap->edit_private_posts;
</ins><span class="cx"> }
</span><span class="cx"> break;
</span><del>- case 'edit_page':
- $author_data = get_userdata( $user_id );
- //echo "post ID: {$args[0]}<br />";
- $page = get_page( $args[0] );
- $page_author_data = get_userdata( $page->post_author );
- //echo "current user id : $user_id, page author id: " . $page_author_data->ID . "<br />";
- // If the user is the author...
- if ( is_object( $page_author_data ) && $user_id == $page_author_data->ID ) {
- // If the page is published...
- if ( 'publish' == $page->post_status ) {
- $caps[] = 'edit_published_pages';
- } elseif ( 'trash' == $page->post_status ) {
- if ('publish' == get_post_meta($page->ID, '_wp_trash_meta_status', true) )
- $caps[] = 'edit_published_pages';
- } else {
- // If the page is draft...
- $caps[] = 'edit_pages';
- }
- } else {
- // The user is trying to edit someone else's page.
- $caps[] = 'edit_others_pages';
- // The page is published, extra cap required.
- if ( 'publish' == $page->post_status )
- $caps[] = 'edit_published_pages';
- elseif ( 'private' == $page->post_status )
- $caps[] = 'edit_private_pages';
- }
- break;
</del><span class="cx"> case 'read_post':
</span><ins>+ case 'read_page':
</ins><span class="cx"> $post = get_post( $args[0] );
</span><span class="cx"> $post_type = get_post_type_object( $post->post_type );
</span><del>- if ( $post_type && 'post' != $post_type->capability_type ) {
</del><ins>+ if ( 'read_post' == $cap && $post_type && 'post' != $post_type->capability_type && ! $post_type->map_meta_cap ) {
</ins><span class="cx"> $args = array_merge( array( $post_type->cap->read_post, $user_id ), $args );
</span><span class="cx"> return call_user_func_array( 'map_meta_cap', $args );
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if ( 'private' != $post->post_status ) {
</span><del>- $caps[] = 'read';
</del><ins>+ $caps[] = $post_type->cap->read;
</ins><span class="cx"> break;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> $author_data = get_userdata( $user_id );
</span><span class="cx"> $post_author_data = get_userdata( $post->post_author );
</span><span class="cx"> if ( is_object( $post_author_data ) && $user_id == $post_author_data->ID )
</span><del>- $caps[] = 'read';
</del><ins>+ $caps[] = $post_type->cap->read;
</ins><span class="cx"> else
</span><del>- $caps[] = 'read_private_posts';
</del><ins>+ $caps[] = $post_type->cap->read_private_posts;
</ins><span class="cx"> break;
</span><del>- case 'read_page':
- $page = get_page( $args[0] );
-
- if ( 'private' != $page->post_status ) {
- $caps[] = 'read';
- break;
- }
-
- $author_data = get_userdata( $user_id );
- $page_author_data = get_userdata( $page->post_author );
- if ( is_object( $page_author_data ) && $user_id == $page_author_data->ID )
- $caps[] = 'read';
- else
- $caps[] = 'read_private_pages';
- break;
</del><span class="cx"> case 'edit_comment':
</span><span class="cx"> $comment = get_comment( $args[0] );
</span><span class="cx"> $post = get_post( $comment->comment_post_ID );
</span><span class="lines">@@ -1050,6 +974,13 @@
</span><span class="cx"> $caps[] = $cap;
</span><span class="cx"> break;
</span><span class="cx"> default:
</span><ins>+ // Handle meta capabilities for custom post types.
+ $post_type_meta_caps = _post_type_meta_capabilities();
+ if ( isset( $post_type_meta_caps[ $cap ] ) ) {
+ $args = array_merge( array( $post_type_meta_caps[ $cap ], $user_id ), $args );
+ return call_user_func_array( 'map_meta_cap', $args );
+ }
+
</ins><span class="cx"> // If no meta caps match, return the original cap.
</span><span class="cx"> $caps[] = $cap;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkwpincludespostphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-includes/post.php (15889 => 15890)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-includes/post.php 2010-10-21 14:20:40 UTC (rev 15889)
+++ trunk/wp-includes/post.php 2010-10-21 14:40:04 UTC (rev 15890)
</span><span class="lines">@@ -20,6 +20,7 @@
</span><span class="cx"> '_builtin' => true, /* internal use only. don't use this when registering your own post type. */
</span><span class="cx"> '_edit_link' => 'post.php?post=%d', /* internal use only. don't use this when registering your own post type. */
</span><span class="cx"> 'capability_type' => 'post',
</span><ins>+ 'map_meta_cap' => true,
</ins><span class="cx"> 'hierarchical' => false,
</span><span class="cx"> 'rewrite' => false,
</span><span class="cx"> 'query_var' => false,
</span><span class="lines">@@ -31,6 +32,7 @@
</span><span class="cx"> '_builtin' => true, /* internal use only. don't use this when registering your own post type. */
</span><span class="cx"> '_edit_link' => 'post.php?post=%d', /* internal use only. don't use this when registering your own post type. */
</span><span class="cx"> 'capability_type' => 'page',
</span><ins>+ 'map_meta_cap' => true,
</ins><span class="cx"> 'hierarchical' => true,
</span><span class="cx"> 'rewrite' => false,
</span><span class="cx"> 'query_var' => false,
</span><span class="lines">@@ -836,7 +838,8 @@
</span><span class="cx"> * - menu_position - The position in the menu order the post type should appear. Defaults to the bottom.
</span><span class="cx"> * - menu_icon - The url to the icon to be used for this menu. Defaults to use the posts icon.
</span><span class="cx"> * - capability_type - The post type to use for checking read, edit, and delete capabilities. Defaults to "post".
</span><del>- * - capabilities - Array of capabilities for this post type. You can see accepted values in {@link get_post_type_capabilities()}. By default the capability_type is used to construct capabilities.
</del><ins>+ * - capabilities - Array of capabilities for this post type. You can see accepted values in {@link get_post_type_capabilities()}. By default the capability_type is used as a base to construct capabilities.
+ * - map_meta_cap - Whether to use the internal default meta capability handling. Defaults to false.
</ins><span class="cx"> * - hierarchical - Whether the post type is hierarchical. Defaults to false.
</span><span class="cx"> * - supports - An alias for calling add_post_type_support() directly. See add_post_type_support() for Documentation. Defaults to none.
</span><span class="cx"> * - register_meta_box_cb - Provide a callback function that will be called when setting up the meta boxes for the edit form. Do remove_meta_box() and add_meta_box() calls in the callback.
</span><span class="lines">@@ -866,7 +869,8 @@
</span><span class="cx"> // Args prefixed with an underscore are reserved for internal use.
</span><span class="cx"> $defaults = array(
</span><span class="cx"> 'labels' => array(), 'description' => '', 'publicly_queryable' => null, 'exclude_from_search' => null,
</span><del>- '_builtin' => false, '_edit_link' => 'post.php?post=%d', 'capability_type' => 'post', 'capabilities' => array(), 'hierarchical' => false,
</del><ins>+ 'capability_type' => 'post', 'capabilities' => array(), 'map_meta_cap' => false,
+ '_builtin' => false, '_edit_link' => 'post.php?post=%d', 'hierarchical' => false,
</ins><span class="cx"> 'public' => false, 'rewrite' => true, 'query_var' => true, 'supports' => array(), 'register_meta_box_cb' => null,
</span><span class="cx"> 'taxonomies' => array(), 'show_ui' => null, 'menu_position' => null, 'menu_icon' => null,
</span><span class="cx"> 'permalink_epmask' => EP_PERMALINK, 'can_export' => true, 'show_in_nav_menus' => null, 'show_in_menu' => null,
</span><span class="lines">@@ -978,25 +982,63 @@
</span><span class="cx"> * - read_private_posts - The capability that controls reading private posts. Defaults to "read_private . $capability_type . s" (read_private_posts).
</span><span class="cx"> * - delete_post - The meta capability that controls deleting a particular object of this post type. Defaults to "delete_ . $capability_type" (delete_post).
</span><span class="cx"> *
</span><ins>+ * @see map_meta_cap()
</ins><span class="cx"> * @since 3.0.0
</span><ins>+ *
</ins><span class="cx"> * @param object $args
</span><span class="cx"> * @return object object with all the capabilities as member variables
</span><span class="cx"> */
</span><span class="cx"> function get_post_type_capabilities( $args ) {
</span><del>- $defaults = array(
</del><ins>+ global $_post_type_meta_capabilities;
+
+ $default_capabilities = array(
+ // Meta capabilities are generally mapped to primitive capabilities depending on the context
+ // (which would be the post being edited/deleted/read), instead of granted to users or roles:
</ins><span class="cx"> 'edit_post' => 'edit_' . $args->capability_type,
</span><ins>+ 'read_post' => 'read_' . $args->capability_type,
+ 'delete_post' => 'delete_' . $args->capability_type,
+ // Primitive capabilities that are used outside of map_meta_cap():
</ins><span class="cx"> 'edit_posts' => 'edit_' . $args->capability_type . 's',
</span><span class="cx"> 'edit_others_posts' => 'edit_others_' . $args->capability_type . 's',
</span><span class="cx"> 'publish_posts' => 'publish_' . $args->capability_type . 's',
</span><del>- 'read_post' => 'read_' . $args->capability_type,
</del><span class="cx"> 'read_private_posts' => 'read_private_' . $args->capability_type . 's',
</span><del>- 'delete_post' => 'delete_' . $args->capability_type,
</del><span class="cx"> );
</span><del>- $labels = array_merge( $defaults, $args->capabilities );
- return (object) $labels;
</del><ins>+ // Primitive capabilities that are used within map_meta_cap():
+ if ( $args->map_meta_cap ) {
+ $default_capabilities_for_mapping = array(
+ 'read' => 'read',
+ 'delete_posts' => 'delete_' . $args->capability_type . 's',
+ 'delete_private_posts' => 'delete_private_' . $args->capability_type . 's',
+ 'delete_published_posts' => 'delete_published_' . $args->capability_type . 's',
+ 'delete_others_posts' => 'delete_others_' . $args->capability_type . 's',
+ 'edit_private_posts' => 'edit_private_' . $args->capability_type . 's',
+ 'edit_published_posts' => 'edit_published_' . $args->capability_type . 's',
+ );
+ $default_capabilities = array_merge( $default_capabilities, $default_capabilities_for_mapping );
+ }
+ $capabilities = array_merge( $default_capabilities, $args->capabilities );
+ if ( $args->map_meta_cap )
+ _post_type_meta_capabilities( $capabilities );
+ return (object) $capabilities;
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> /**
</span><ins>+ * Stores or returns a list of post type meta caps for map_meta_cap().
+ *
+ * @since 3.1.0
+ * @access private
+ */
+function _post_type_meta_capabilities( $capabilities = null ) {
+ static $meta_caps = array();
+ if ( null === $capabilities )
+ return $meta_caps;
+ foreach ( $capabilities as $core => $custom ) {
+ if ( in_array( $core, array( 'read_post', 'delete_post', 'edit_post' ) ) )
+ $meta_caps[ $custom ] = $core;
+ }
+}
+
+/**
</ins><span class="cx"> * Builds an object with all post type labels out of a post type object
</span><span class="cx"> *
</span><span class="cx"> * Accepted keys of the label array in the post type object:
</span></span></pre>
</div>
</div>
</body>
</html>