Changeset:
5ded93a54840
https://sourceforge.net/p/mrbs/hg-code/ci/5ded93a54840fc36480507a0e05ce8a85ca6dcbe
Author:
Campbell Morrison <[email protected]>
Date:
Fri Oct 28 11:11:07 2016 +0100
Log message:
Added the config setting $auth['wordpress']['user_roles'] so it is possible to
define which WordPress users can use MRBS, instead of just granting all logged
in users access to MRBS.
diffstat:
web/auth/auth_wordpress.inc | 50 ++++++++++++++++++++++++++++++++++----------
web/systemdefaults.inc.php | 18 +++++++++++----
2 files changed, 51 insertions(+), 17 deletions(-)
diffs (102 lines):
diff -r 19a717b0d6d5 -r 5ded93a54840 web/auth/auth_wordpress.inc
--- a/web/auth/auth_wordpress.inc Fri Oct 28 10:41:30 2016 +0100
+++ b/web/auth/auth_wordpress.inc Fri Oct 28 11:11:07 2016 +0100
@@ -54,26 +54,31 @@
return 0;
}
+ // Check to see if the user has admin rights
if (isset($auth['wordpress']['admin_roles']))
{
- // Turn the admin_roles into an array if it isn't alreadt
- $admin_roles = $auth['wordpress']['admin_roles'];
- if (!is_array($admin_roles))
- {
- $admin_roles = array($admin_roles);
- }
- // Put the roles into the standard WordPress format
- $admin_roles = array_map(__NAMESPACE__ . "\\standardise_role_name",
$admin_roles);
-
- // Check to see if one of the user's roles is an admin role
- if (count(array_intersect($wp_user->roles, $admin_roles)) > 0)
+ // Check to see if one of the user's roles is an MRBS admin role
+ if (check_roles($wp_user, $auth['wordpress']['admin_roles']))
{
$user_levels[$user] = 2;
return $user_levels[$user];
}
}
- $user_levels[$user] = 1;
+ // Check to see if the user has user rights
+ if (isset($auth['wordpress']['user_roles']))
+ {
+ // Check to see if one of the user's roles is an MRBS user role
+ if (check_roles($wp_user, $auth['wordpress']['user_roles']))
+ {
+ $user_levels[$user] = 1;
+ return $user_levels[$user];
+ }
+ }
+
+ // Everybody else is access level '0'
+ $user_levels[$user] = 0;
+
return $user_levels[$user];
}
@@ -97,4 +102,25 @@
function standardise_role_name($role)
{
return str_replace(' ', '_', utf8_strtolower($role));
+}
+
+
+// Checks to see whether any of the user's roles are contained in $mrbs_roles,
which can be a
+// string or an array of strings.
+function check_roles($wp_user, $mrbs_roles)
+{
+ if (!isset($mrbs_roles))
+ {
+ return false;
+ }
+
+ // Turn $mrbs_roles into an array if it isn't already
+ if (!is_array($mrbs_roles))
+ {
+ $mrbs_roles = array($mrbs_roles);
+ }
+ // Put the roles into the standard WordPress format
+ $mrbs_roles = array_map(__NAMESPACE__ . "\\standardise_role_name",
$mrbs_roles);
+
+ return (count(array_intersect($wp_user->roles, $mrbs_roles)) > 0);
}
\ No newline at end of file
diff -r 19a717b0d6d5 -r 5ded93a54840 web/systemdefaults.inc.php
--- a/web/systemdefaults.inc.php Fri Oct 28 10:41:30 2016 +0100
+++ b/web/systemdefaults.inc.php Fri Oct 28 11:11:07 2016 +0100
@@ -881,11 +881,19 @@
// 'auth_wordpress' configuration settings
$auth['wordpress']['rel_path'] = '..'; // Path to the WordPress installation
relative to MRBS.
-// List of WordPress roles that have MRBS Admin capabilities. The default is
'Administrator'.
-// However you can define more than one WordPress role that maps to the MRBS
Admin role by using
-// an array. The example below assumes that you have created a new WordPress
role called "MRBS Admin"
-// (probably by using a WordPress plugin) and assigned that role to those
users that you want to be MRBS admins.
-$auth['wordpress']['admin_roles'] = 'Administrator'; // can also be an array,
eg = array('Administrator', 'MRBS Admin');
+// List of WordPress roles that have MRBS Admin capabilities. The default is
'administrator'.
+// Note that these role names are the keys used to store the name, which are
typically in lower case
+// English, eg 'administrator', and not the values which are displayed on the
dashboard form, which will
+// generally start with a capital and be translated, eg 'Administrator' or
'Administrateur' (French),
+// depending on the site language you have chosen for WordPress.
+// You can define more than one WordPress role that maps to the MRBS Admin
role by using
+// an array. The comment below assumes that you have created a new WordPress
role (probably by using
+// a WordPress plugin) called "MRBS Admin", which will typically (depending on
the plugin) have a key of
+// 'mrbs_admin', and that you assigned that role to those users that you want
to be MRBS admins.
+$auth['wordpress']['admin_roles'] = 'administrator'; // can also be an array,
eg = array('administrator', 'mrbs_admin');
+// List of WordPress roles that have MRBS User capabilities. This allows you
to have some WordPress users
+// who are authorised to use MRBS and some who are not.
+$auth['wordpress']['user_roles'] = array('subscriber', 'contributor',
'author', 'editor', 'administrator');
// Note - you are also advised to set the following in your wp-config.php so
that the auth
// cookies can be shared between MRBS and WordPress:
------------------------------------------------------------------------------
The Command Line: Reinvented for Modern Developers
Did the resurgence of CLI tooling catch you by surprise?
Reconnect with the command line and become more productive.
Learn the new .NET and ASP.NET CLI. Get your free copy!
http://sdm.link/telerik
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
