| Server IP : 104.21.14.48 / Your IP : 3.146.35.1 [ Web Server : Apache System : Linux b70eb322-3aee-0c53-7c82-0db91281f2c6.secureserver.net 6.1.90-1.el9.elrepo.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 2 12:09:22 EDT 2024 x86_64 User : root ( 0) PHP Version : 8.0.30.2 Disable Function : NONE Domains : 0 Domains MySQL : ON | cURL : ON | WGET : ON | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /var/www/wp-content/plugins/wordpress-seo/admin/capabilities/ |
Upload File : |
<?php
/**
* WPSEO plugin file.
*
* @package WPSEO\Admin\Capabilities
*/
/**
* Capabilities registration class.
*/
class WPSEO_Register_Capabilities implements WPSEO_WordPress_Integration {
/**
* Registers the hooks.
*
* @return void
*/
public function register_hooks() {
add_action( 'wpseo_register_capabilities', [ $this, 'register' ] );
if ( is_multisite() ) {
add_action( 'user_has_cap', [ $this, 'filter_user_has_wpseo_manage_options_cap' ], 10, 4 );
}
/**
* Maybe add manage_privacy_options capability for wpseo_manager user role.
*/
add_filter( 'map_meta_cap', [ $this, 'map_meta_cap_for_seo_manager' ], 10, 2 );
}
/**
* Registers the capabilities.
*
* @return void
*/
public function register() {
$manager = WPSEO_Capability_Manager_Factory::get();
$manager->register( 'wpseo_bulk_edit', [ 'editor', 'wpseo_editor', 'wpseo_manager' ] );
$manager->register( 'wpseo_edit_advanced_metadata', [ 'editor', 'wpseo_editor', 'wpseo_manager' ] );
$manager->register( 'wpseo_manage_options', [ 'administrator', 'wpseo_manager' ] );
$manager->register( 'view_site_health_checks', [ 'wpseo_manager' ] );
}
/**
* Revokes the 'wpseo_manage_options' capability from administrator users if it should
* only be granted to network administrators.
*
* @param array $allcaps An array of all the user's capabilities.
* @param array $caps Actual capabilities being checked.
* @param array $args Optional parameters passed to has_cap(), typically object ID.
* @param WP_User $user The user object.
*
* @return array Possibly modified array of the user's capabilities.
*/
public function filter_user_has_wpseo_manage_options_cap( $allcaps, $caps, $args, $user ) {
// We only need to do something if 'wpseo_manage_options' is being checked.
if ( ! in_array( 'wpseo_manage_options', $caps, true ) ) {
return $allcaps;
}
// If the user does not have 'wpseo_manage_options' anyway, we don't need to revoke access.
if ( empty( $allcaps['wpseo_manage_options'] ) ) {
return $allcaps;
}
// If the user does not have 'delete_users', they are not an administrator.
if ( empty( $allcaps['delete_users'] ) ) {
return $allcaps;
}
$options = WPSEO_Options::get_instance();
if ( $options->get( 'access' ) === 'superadmin' && ! is_super_admin( $user->ID ) ) {
unset( $allcaps['wpseo_manage_options'] );
}
return $allcaps;
}
/**
* Maybe add manage_privacy_options capability for wpseo_manager user role.
*
* @param string[] $caps Primitive capabilities required of the user.
* @param string[] $cap Capability being checked.
*
* @return string[] Filtered primitive capabilities required of the user.
*/
public function map_meta_cap_for_seo_manager( $caps, $cap ) {
$user = wp_get_current_user();
// No multisite support.
if ( is_multisite() ) {
return $caps;
}
// User must be of role wpseo_manager.
if ( ! in_array( 'wpseo_manager', $user->roles, true ) ) {
return $caps;
}
// Remove manage_options cap requirement if requested cap is manage_privacy_options.
if ( $cap === 'manage_privacy_options' ) {
return array_diff( $caps, [ 'manage_options' ] );
}
return $caps;
}
}