Changeset 2562232
- Timestamp:
- 07/11/2021 11:46:16 AM (5 years ago)
- Location:
- post-lockdown
- Files:
-
- 6 edited
- 1 copied
-
tags/3.0.4 (copied) (copied from post-lockdown/trunk)
-
tags/3.0.4/post-lockdown.php (modified) (1 diff)
-
tags/3.0.4/readme.txt (modified) (2 diffs)
-
tags/3.0.4/src/PostLockdown/PostLockdown.php (modified) (4 diffs)
-
trunk/post-lockdown.php (modified) (1 diff)
-
trunk/readme.txt (modified) (2 diffs)
-
trunk/src/PostLockdown/PostLockdown.php (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
post-lockdown/tags/3.0.4/post-lockdown.php
r2373902 r2562232 3 3 * Plugin Name: Post Lockdown 4 4 * Description: Allows admins to protect selected posts and pages so they cannot be trashed or deleted by non-admin users. 5 * Version: 3.0. 35 * Version: 3.0.4 6 6 * Author: Andy Palmer 7 7 * Author URI: https://andypalmer.me -
post-lockdown/tags/3.0.4/readme.txt
r2522256 r2562232 5 5 Requires at least: 3.8 6 6 Tested up to: 5.7 7 Stable tag: 3.0. 37 Stable tag: 3.0.4 8 8 License: GPLv2 or later 9 9 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 68 68 == Changelog == 69 69 70 = 3.0.4 = 71 * Fixed a bug that caused authors to be able to edit and delete other's posts (Thanks @kumar314) 72 * Fixed a PHP warning that appeared when creating a new post 73 70 74 = 3.0.3 = 71 75 * Improved performance whilst fetching posts (Thanks to joshuadavidnelson) -
post-lockdown/tags/3.0.4/src/PostLockdown/PostLockdown.php
r2373902 r2562232 7 7 /** Plugin key for options and the option page. */ 8 8 const KEY = 'postlockdown'; 9 const VERSION = '3.0. 3';9 const VERSION = '3.0.4'; 10 10 11 11 /** @var array List of post IDs which cannot be edited, trashed or deleted. */ … … 253 253 public function _filter_cap($allcaps, $cap, $args) 254 254 { 255 /* If the user doesn't have the required capabilities to begin with we can return early 256 * because we never want to give users more capabilities than they already have. 257 * We only want to restrict capabilities based on whether the post is locked or protected. 258 */ 259 foreach ($cap as $requiredCap) { 260 if (empty($allcaps[$requiredCap])) { 261 return $allcaps; 262 } 263 } 264 255 265 /* If there are no locked or protected posts, or the user 256 266 * has the required capability to bypass restrictions get out of here. … … 276 286 } 277 287 278 // If the post is locked set the capability to false. 279 $has_cap = !$this->is_post_locked($post_id); 280 281 /* If the user still has the capability and we're not editing a post, 282 * set the capability to false if the post is protected. 283 */ 284 if ($has_cap && 'edit_post' !== $args[0]) { 285 $has_cap = !$this->is_post_protected($post_id); 286 } 287 288 $allcaps[$cap[0]] = $has_cap; 288 $has_cap = true; 289 290 if ($this->is_post_locked($post_id) || ('edit_post' !== $args[0] && $this->is_post_protected($post_id))) { 291 $has_cap = false; 292 } 293 294 foreach ($cap as $requiredCap) { 295 $allcaps[$requiredCap] = $has_cap; 296 } 289 297 290 298 return $allcaps; … … 306 314 { 307 315 $post_id = $postarr['ID']; 316 317 if ($post_id === 0) { 318 // New post 319 return $data; 320 } 321 308 322 $post = get_post($post_id); 309 323 -
post-lockdown/trunk/post-lockdown.php
r2373902 r2562232 3 3 * Plugin Name: Post Lockdown 4 4 * Description: Allows admins to protect selected posts and pages so they cannot be trashed or deleted by non-admin users. 5 * Version: 3.0. 35 * Version: 3.0.4 6 6 * Author: Andy Palmer 7 7 * Author URI: https://andypalmer.me -
post-lockdown/trunk/readme.txt
r2522256 r2562232 5 5 Requires at least: 3.8 6 6 Tested up to: 5.7 7 Stable tag: 3.0. 37 Stable tag: 3.0.4 8 8 License: GPLv2 or later 9 9 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 68 68 == Changelog == 69 69 70 = 3.0.4 = 71 * Fixed a bug that caused authors to be able to edit and delete other's posts (Thanks @kumar314) 72 * Fixed a PHP warning that appeared when creating a new post 73 70 74 = 3.0.3 = 71 75 * Improved performance whilst fetching posts (Thanks to joshuadavidnelson) -
post-lockdown/trunk/src/PostLockdown/PostLockdown.php
r2373902 r2562232 7 7 /** Plugin key for options and the option page. */ 8 8 const KEY = 'postlockdown'; 9 const VERSION = '3.0. 3';9 const VERSION = '3.0.4'; 10 10 11 11 /** @var array List of post IDs which cannot be edited, trashed or deleted. */ … … 253 253 public function _filter_cap($allcaps, $cap, $args) 254 254 { 255 /* If the user doesn't have the required capabilities to begin with we can return early 256 * because we never want to give users more capabilities than they already have. 257 * We only want to restrict capabilities based on whether the post is locked or protected. 258 */ 259 foreach ($cap as $requiredCap) { 260 if (empty($allcaps[$requiredCap])) { 261 return $allcaps; 262 } 263 } 264 255 265 /* If there are no locked or protected posts, or the user 256 266 * has the required capability to bypass restrictions get out of here. … … 276 286 } 277 287 278 // If the post is locked set the capability to false. 279 $has_cap = !$this->is_post_locked($post_id); 280 281 /* If the user still has the capability and we're not editing a post, 282 * set the capability to false if the post is protected. 283 */ 284 if ($has_cap && 'edit_post' !== $args[0]) { 285 $has_cap = !$this->is_post_protected($post_id); 286 } 287 288 $allcaps[$cap[0]] = $has_cap; 288 $has_cap = true; 289 290 if ($this->is_post_locked($post_id) || ('edit_post' !== $args[0] && $this->is_post_protected($post_id))) { 291 $has_cap = false; 292 } 293 294 foreach ($cap as $requiredCap) { 295 $allcaps[$requiredCap] = $has_cap; 296 } 289 297 290 298 return $allcaps; … … 306 314 { 307 315 $post_id = $postarr['ID']; 316 317 if ($post_id === 0) { 318 // New post 319 return $data; 320 } 321 308 322 $post = get_post($post_id); 309 323
Note: See TracChangeset
for help on using the changeset viewer.