File "capabilities.php"
Full Path: /home/stylijtl/public_html/wp-content/plugins/google-analytics-for-wordpress/includes/capabilities.php
File size: 3.17 KB
MIME-type: text/x-php
Charset: utf-8
<?php
/**
* Capabilities class.
*
* @access public
* @since 6.0.0
*
* @package MonsterInsights
* @subpackage Capabilities
* @author Chris Christoff
*/
// Exit if accessed directly
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
/**
* Map MonsterInsights Capabilities.
*
* Using meta caps, we're creating virtual capabilities that are
* for backwards compatibility reasons given to users with manage_options, and to
* users who have at least of the roles selected in the options on the permissions
* tab of the MonsterInsights settings.
*
* @access public
*
* @param array $caps Array of capabilities the user has.
* @param string $cap The current cap being filtered.
* @param int $user_id User to check permissions for.
* @param array $args Extra parameters. Unused.
*
* @return array Array of caps needed to have this meta cap. If returned array is empty, user has the capability.
* @since 6.0.0
*
*/
function monsterinsights_add_capabilities( $caps, $cap, $user_id, $args ) {
switch ( $cap ) {
case 'monsterinsights_view_dashboard' :
$roles = monsterinsights_get_option( 'view_reports', array() );
$user_can_via_settings = false;
if ( ! empty( $roles ) && is_array( $roles ) ) {
foreach ( $roles as $role ) {
if ( is_string( $role ) ) {
if ( user_can( $user_id, $role ) ) {
$user_can_via_settings = true;
break;
}
}
}
} else if ( ! empty( $roles ) && is_string( $roles ) ) {
if ( user_can( $user_id, $roles ) ) {
$user_can_via_settings = true;
}
}
if ( user_can( $user_id, 'manage_options' ) || $user_can_via_settings ) {
$caps = array();
}
break;
case 'monsterinsights_save_settings' :
$roles = monsterinsights_get_option( 'save_settings', array() );
$user_can_via_settings = false;
if ( ! empty( $roles ) && is_array( $roles ) ) {
foreach ( $roles as $role ) {
if ( is_string( $role ) ) {
if ( user_can( $user_id, $role ) ) {
$user_can_via_settings = true;
break;
}
}
}
} else if ( ! empty( $roles ) && is_string( $roles ) ) {
if ( user_can( $user_id, $roles ) ) {
$user_can_via_settings = true;
}
}
if ( user_can( $user_id, 'manage_options' ) || $user_can_via_settings ) {
$caps = array();
}
break;
}
return $caps;
}
add_filter( 'map_meta_cap', 'monsterinsights_add_capabilities', 10, 4 );
/**
* Get the list of settings that only users with manage_options can modify.
*
* These are access-control settings that, if modified by a delegated user,
* could lead to privilege escalation.
*
* @since 9.5.2
*
* @return array Array of admin-only setting keys.
*/
function monsterinsights_get_admin_only_settings() {
$settings = array(
'save_settings',
'view_reports',
'ignore_users',
);
return apply_filters( 'monsterinsights_admin_only_settings', $settings );
}
/**
* Check if a given setting key is an admin-only setting.
*
* @since 9.5.2
*
* @param string $setting The setting key to check.
*
* @return bool True if the setting is admin-only, false otherwise.
*/
function monsterinsights_is_admin_only_setting( $setting ) {
return in_array( $setting, monsterinsights_get_admin_only_settings(), true );
}