[wp-hackers] User Capabilities

Owen Winkler ringmaster at midnightcircus.com
Sun Jul 10 12:38:44 GMT 2005


David House wrote:

>I'm trying to try this out! What program are you both using to
>generate your diffs? GNU patch 2.5.9 is erroring on every single hunk;
>I can't apply that diff.
>
>There's no svn subcommand that will apply patches, is there? I don't
>think svn merge does it.
>  
>
Oops.  I think maybe this diff will work better.  (The capabilities.php 
is the same as the last.)

I'm using TortoiseSVN on Windows to generate and apply patches.  I 
hacked up the last one a bit to remove some media functions from the 
patch and I think I mangled the section for functions.php in the 
process, but I tried this patch myself on a fresh svn Update and it 
worked swell.

I know that command-line svn offers diff output (via svn diff), but I 
don't see the command to apply a patch from SVN.  Maybe give GNU patch 
another try with the included diff?

Owen




-------------- next part --------------
Index: functions.php
===================================================================
--- wp-includes/functions.php	(revision 2702)
+++ wp-includes/functions.php	(working copy)
@@ -1218,32 +1218,11 @@
 
 function update_category_cache() {
 	global $cache_categories, $wpdb;
-	$dogs = $wpdb->get_results("SELECT * FROM $wpdb->categories");
-	foreach ($dogs as $catt)
-		$cache_categories[$catt->cat_ID] = $catt;
-}
-
-function update_user_cache() {
-	global $cache_userdata, $wpdb;
-	$level_key = $wpdb->prefix . 'user_level';
-	$user_ids = $wpdb->get_col("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'");
-	$user_ids = join(',', $user_ids);
-	$query = apply_filters('user_cache_query', "SELECT * FROM $wpdb->users WHERE ID IN ($user_ids)");
-	if ( $users = $wpdb->get_results( $query ) ) :
-		foreach ($users as $user) :
-			$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user->ID'");
-			foreach ( $metavalues as $meta ) {
-				$user->{$meta->meta_key} = $meta->meta_value;
-				// We need to set user_level from meta, not row
-				if ( $wpdb->prefix . 'user_level' == $meta->meta_key )
-					$user->user_level = $meta->meta_value;
-			}
-
-			$cache_userdata[$user->ID] = $user;
-			$cache_userdata[$user->user_login] =& $cache_userdata[$user->ID];
-		endforeach;
+	if($dogs = $wpdb->get_results("SELECT * FROM $wpdb->categories")):
+		foreach ($dogs as $catt)
+			$cache_categories[$catt->cat_ID] = $catt;
 		return true;
-	else : 
+	else:
 		return false;
 	endif;
 }
@@ -1959,11 +1938,38 @@
 	@ header('Pragma: no-cache');
 }
 
+function get_usermeta( $user_id, $meta_key = '') {
+	global $wpdb;
+	$user_id = (int) $user_id;
+
+	if ( !empty($meta_key) ) {
+	$meta_key = preg_replace('|a-z0-9_|i', '', $meta_key);
+		$metas = $wpdb->get_results("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id' AND meta_key = '$meta_key'");
+	} else {
+		$metas = $wpdb->get_results("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id'");
+	}
+
+	foreach ($metas as $index => $meta) {
+		@ $value = unserialize($meta->meta_key);
+		if ($value !== FALSE)
+			$metas[$index]->meta_key = $value;			
+	}
+
+	if ( !empty($meta_key) )
+		return $metas[0];
+	else
+		return $metas;
+}
+
 function update_usermeta( $user_id, $meta_key, $meta_value ) {
 	global $wpdb;
 	if ( !is_numeric( $user_id ) )
 		return false;
 	$meta_key = preg_replace('|a-z0-9_|i', '', $meta_key);
+
+	if ( is_array($meta_value) || is_object($meta_value) )
+		$meta_value = serialize($meta_value);
+
 	$cur = $wpdb->get_row("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id' AND meta_key = '$meta_key'");
 	if ( !$cur ) {
 		$wpdb->query("INSERT INTO $wpdb->usermeta ( user_id, meta_key, meta_value )
@@ -1991,4 +1997,4 @@
 	return preg_replace('/^.*wp-content[\\\\\/]plugins[\\\\\/]/', '', $file);
 }
 
-?>
\ No newline at end of file
+?>
Index: wp-includes/pluggable-functions.php
===================================================================
--- wp-includes/pluggable-functions.php	(revision 2702)
+++ wp-includes/pluggable-functions.php	(working copy)
@@ -19,7 +19,8 @@
 	$user_url    = $userdata->user_url;
 	$user_pass_md5 = md5($userdata->user_pass);
 	$user_identity = $userdata->display_name;
-	$current_user  = $userdata;
+	if ( empty($current_user) )
+		$current_user = new WP_User($user_ID);
 }
 endif;
 
@@ -29,7 +30,7 @@
 	$user_id = (int) $user_id;
 	if ( $user_id == 0 )
 		return false;
-
+		
 	if ( isset( $cache_userdata[$user_id] ) ) 
 		return $cache_userdata[$user_id];
 
@@ -39,20 +40,53 @@
 	$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user_id'");
 
 	foreach ( $metavalues as $meta ) {
-		$user->{$meta->meta_key} = $meta->meta_value;
+		@ $value = unserialize($meta->meta_value);
+		if ($value === FALSE)
+			$value = $meta->meta_value;
+		$user->{$meta->meta_key} = $value;
+
 		// We need to set user_level from meta, not row
 		if ( $wpdb->prefix . 'user_level' == $meta->meta_key )
 			$user->user_level = $meta->meta_value;
 	}
 
 	$cache_userdata[$user_id] = $user;
-
 	$cache_userdata[$cache_userdata[$userid]->user_login] =& $cache_userdata[$user_id];
 
 	return $cache_userdata[$user_id];
 }
 endif;
 
+if ( !function_exists('update_user_cache') ) :
+function update_user_cache() {
+	global $cache_userdata, $wpdb;
+	$level_key = $wpdb->prefix . 'user_level';
+	$user_ids = $wpdb->get_col("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'");
+	$user_ids = join(',', $user_ids);
+	$query = apply_filters('user_cache_query', "SELECT * FROM $wpdb->users WHERE ID IN ($user_ids)");
+	if ( $users = $wpdb->get_results( $query ) ) :
+		foreach ($users as $user) :
+			$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user->ID'");
+			foreach ( $metavalues as $meta ) {
+				@ $value = unserialize($meta->meta_value);
+				if ($value === FALSE)
+					$value = $meta->meta_value;
+				$user->{$meta->meta_key} = $value;
+				// We need to set user_level from meta, not row
+				if ( $wpdb->prefix . 'user_level' == $meta->meta_key )
+					$user->user_level = $meta->meta_value;
+			}
+
+			$cache_userdata[$user->ID] = $user;
+			$cache_userdata[$user->user_login] =& $cache_userdata[$user->ID];
+		endforeach;
+		return true;
+	else : 
+		return false;
+	endif;
+}
+endif;
+
 if ( !function_exists('get_userdatabylogin') ) :
 function get_userdatabylogin($user_login) {
 	global $cache_userdata, $wpdb;
Index: wp-settings.php
===================================================================
--- wp-settings.php	(revision 2702)
+++ wp-settings.php	(working copy)
@@ -74,7 +74,7 @@
 require_once (ABSPATH . WPINC . '/wp-l10n.php');
 
 $wpdb->hide_errors();
-if ( !update_user_cache() && (!strstr($_SERVER['PHP_SELF'], 'install.php') && !defined('WP_INSTALLING')) ) {
+if ( !update_category_cache() && (!strstr($_SERVER['PHP_SELF'], 'install.php') && !defined('WP_INSTALLING')) ) {
 	if ( strstr($_SERVER['PHP_SELF'], 'wp-admin') )
 		$link = 'install.php';
 	else
@@ -85,6 +85,7 @@
 
 require (ABSPATH . WPINC . '/functions-formatting.php');
 require (ABSPATH . WPINC . '/functions-post.php');
+require (ABSPATH . WPINC . '/capabilities.php');
 require (ABSPATH . WPINC . '/classes.php');
 require (ABSPATH . WPINC . '/template-functions-general.php');
 require (ABSPATH . WPINC . '/template-functions-links.php');
@@ -160,7 +161,8 @@
 $wp_query = new WP_Query();
 $wp_rewrite = new WP_Rewrite();
 $wp = new WP();
+$wp_roles = new WP_Roles();
 
 // Everything is loaded and initialized.
 do_action('init');
-?>
\ No newline at end of file
+?>
Index: wp-admin/post.php
===================================================================
--- wp-admin/post.php	(revision 2702)
+++ wp-admin/post.php	(working copy)
@@ -66,7 +66,7 @@
 
 	$post_ID = $p = (int) $_GET['post'];
 
-	if ( !user_can_edit_post($user_ID, $post_ID) )
+	if ( !current_user_can('edit_post', $post_ID) )
 		die ( __('You are not allowed to edit this post.') );
 
 	if ( !user_can_edit_post($user_ID, $post_ID) )
@@ -322,7 +322,7 @@
 <div class="updated"><p><?php printf(__('Post saved. <a href="%s">View site &raquo;</a>'), get_bloginfo('home')); ?></p></div>
 <?php endif; ?>
 <?php
-	if ( user_can_create_draft($user_ID) ) {
+	if (user_can_create_draft($user_ID)) {
 		$action = 'post';
 		get_currentuserinfo();
 		if ( $drafts = get_users_drafts( $user_ID ) ) {
@@ -332,13 +332,13 @@
 			<?php
 			for ( $i = 0; $i < 15; $i++ ) {
 				$draft = $drafts[$i];
-				if ( 0 != $i )
+				if (0 != $i)
 					echo ', ';
 				$draft->post_title = stripslashes($draft->post_title);
 				if ( empty($draft->post_title) )
 					$draft->post_title = sprintf(__('Post # %s'), $draft->ID);
 				echo "<a href='post.php?action=edit&amp;post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
-			}
+				}
 			?>
 			<?php if ( 15 < count($drafts) ) { ?>
 			, <a href="edit.php"><?php echo sprintf(__('and %s more'), (count($drafts) - 15) ); ?> &raquo;</a>
Index: wp-admin/upgrade-functions.php
===================================================================
--- wp-admin/upgrade-functions.php	(revision 2702)
+++ wp-admin/upgrade-functions.php	(working copy)
@@ -226,8 +226,11 @@
 			update_usermeta( $user->ID, 'last_name', $wpdb->escape($user->user_lastname) );
 		if ( !empty( $user->user_nickname ) )
 			update_usermeta( $user->ID, 'nickname', $wpdb->escape($user->user_nickname) );
-		if ( !empty( $user->user_level ) )
+		if ( !empty( $user->user_level ) ) {
 			update_usermeta( $user->ID, $table_prefix . 'user_level', $user->user_level );
+			$role = translate_level_to_role($user->user_level);
+			update_usermeta( $user->ID, $table_prefix . 'capabilities', array($role => true) );
+		}
 		if ( !empty( $user->user_icq ) )
 			update_usermeta( $user->ID, 'icq', $wpdb->escape($user->user_icq) );
 		if ( !empty( $user->user_aim ) )
@@ -749,4 +752,27 @@
 	}
 	return $template;
 }
-?>
\ No newline at end of file
+
+function translate_level_to_role($level) {
+	switch ($level) {
+	case 10:
+	case 9:
+	case 8:
+		return 'publisher';
+	case 7:
+	case 6:
+	case 5:
+		return 'managing_editor';
+	case 4:
+	case 3:
+		return 'copy_editor';
+	case 2:
+		return 'staff_writer';
+	case 1:
+		return 'freelancer';
+	case 0:
+		return 'visitor';
+	}
+}
+
+?>
Index: wp-admin/upgrade-schema.php
===================================================================
--- wp-admin/upgrade-schema.php	(revision 2702)
+++ wp-admin/upgrade-schema.php	(working copy)
@@ -216,6 +216,8 @@
 	// 1.5.1
 	add_option('use_trackback', 0);
 
+	populate_roles();
+
 	// Delete unused options
 	$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl', 'weblogs_xml_url');
 	foreach ($unusedoptions as $option) :
@@ -229,4 +231,101 @@
 	endforeach;
 }
 
+function populate_roles() {
+	global $table_prefix;
+
+	$roles = array ('publisher' =>
+									array('name' => __('Publisher'),
+											'capabilities' => array(
+												'edit_posts' => true,
+												'edit_others_posts' => true,
+												'edit_published_posts' => true,
+												'publish_posts' => true,
+												'edit_pages' => true,
+												'manage_categories' => true,
+												'manage_links' => true,
+												'upload_images' => true,
+												'manage_options' => true,
+												'switch_themes' => true,
+												'edit_themes' => true,
+												'activate_plugins' => true,
+												'edit_plugins' => true,
+												'edit_users' => true,
+												'edit_files' => true,
+												'read' => true,
+												'level_10' => true,
+												'level_9' => true,
+												'level_8' => true
+												)),
+											
+									'managing_editor' =>
+									array('name' => __('Managing Editor'),
+											'capabilities' => array(
+												'edit_posts' => true,
+												'edit_others_posts' => true,
+												'edit_published_posts' => true,
+												'publish_posts' => true,
+												'edit_pages' => true,
+												'manage_categories' => true,
+												'manage_links' => true,
+												'upload_images' => true,
+												'read' => true,
+												'level_7' => true,
+												'level_6' => true,
+												'level_5' => true
+												)),
+											
+									'copy_editor' =>
+									array('name' => __('Copy Editor'),
+											'capabilities' => array(
+												'edit_posts' => true,
+												'edit_others_posts' => true,
+												'edit_published_posts' => true,
+												'publish_posts' => true,
+												'edit_pages' => true,
+												'upload_images' => true,
+												'read' => true,
+												'level_4' => true,
+												'level_3' => true
+												)),
+											
+									'staff_writer' =>
+									array('name' => __('Staff Writer'),
+											'capabilities' => array(
+												'edit_posts' => true,
+												'publish_posts' => true,
+												'upload_images' => true,
+												'read' => true,
+												'level_2' => true
+												)),
+											
+									'freelancer' =>
+									array('name' => __('Freelancer'),
+											'capabilities' => array(
+												'edit_posts' => true,
+												'read' => true,
+												'level_1' => true
+												)),
+											
+									'designer' =>
+									array('name' => __('Designer'),
+											'capabilities' => array(
+												'edit_themes' => true,
+												'read' => true
+												)),
+											
+									'subscriber' =>
+									array('name' => __('Subscriber'),
+											'capabilities' => array(
+												'read' => true,
+												'level_0' => true
+												)),
+											
+									'inactive' =>
+									array('name' => __('Inactive'),
+												'capabilities' => array())
+									);
+
+	add_option($table_prefix . 'user_roles', $roles);
+}
 ?>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: capabilities.php
Type: text/x-patch
Size: 6173 bytes
Desc: not available
Url : http://comox.textdrive.com/pipermail/wp-hackers/attachments/20050710/100d9b60/capabilities.bin


More information about the wp-hackers mailing list