From fc34fea5334049e54d7fd9184dbd3f8fc0d1db61 Mon Sep 17 00:00:00 2001 From: John Bintz Date: Tue, 18 Aug 2009 20:21:21 -0400 Subject: [PATCH] permissions cleanup --- classes/WhatDidTheySay.php | 31 +++++---------------- classes/admin.inc | 2 +- test/WhatDidTheySayTest.php | 54 ++----------------------------------- 3 files changed, 10 insertions(+), 77 deletions(-) diff --git a/classes/WhatDidTheySay.php b/classes/WhatDidTheySay.php index 4fab6dd..fb911e1 100644 --- a/classes/WhatDidTheySay.php +++ b/classes/WhatDidTheySay.php @@ -40,7 +40,7 @@ class WhatDidTheySay { * @return bool True if the transcript was saved, false otherwise. */ function save_transcript($post_id, $language, $transcript) { - if ($this->is_user_allowed_to_update()) { + if (current_user_can('submit_transcriptions')) { $post = get_post($post_id); if (!empty($post)) { $current_transcripts = get_post_meta($post_id, "provided_transcripts", true); @@ -77,7 +77,7 @@ class WhatDidTheySay { function get_queued_transcriptions_for_post($post_id) { global $wpdb; - if ($this->is_user_allowed_to_update()) { + if (current_user_can('submit_transcriptions')) { $post = get_post($post_id); if (!empty($post)) { $query = $wpdb->prepare('SELECT * FROM %s WHERE post_id = %d', $this->table, $post_id); @@ -105,7 +105,7 @@ class WhatDidTheySay { function add_queued_transcription_to_post($post_id, $transcript_info) { global $wpdb; - if ($this->is_user_allowed_to_update()) { + if (current_user_can('approve_transcriptions')) { $post = get_post($post_id); if (!empty($post)) { $transcript_info = (array)$transcript_info; 
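Review bot: The guard on `save_transcript()` looks swapped with the one on `add_queued_transcription_to_post()` in the third hunk: the former works on the published `provided_transcripts` meta yet asks only for `submit_transcriptions`, while the latter, which by its name puts an entry in the review queue, asks for `approve_transcriptions`. If that reading is right, a submit-only account can publish a transcript without review, and `delete_transcript()` later in the patch already treats the same meta as approver-only. For a submit, queue, approve flow the check here would be `if (current_user_can('approve_transcriptions')) {` and the queue insert `if (current_user_can('submit_transcriptions')) {`. Both bodies run past their hunks, so confirm against the full file.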
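Review bot: The context line `$wpdb->prepare('SELECT * FROM %s WHERE post_id = %d', $this->table, $post_id)` in `get_queued_transcriptions_for_post()` sends the table name through a `%s` placeholder, which `wpdb::prepare()` emits as a quoted string literal rather than an identifier, so the query is likely to fail against a real database. The tests would not catch this because they mock `prepare`, and the same pattern recurs in the update, delete and `add_transcription_to_post()` hunks. Assuming `$this->table` is set by the plugin itself and never from request data, interpolate it and keep the placeholder for the value: `$wpdb->prepare("SELECT * FROM {$this->table} WHERE post_id = %d", $post_id)`.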
@@ -132,23 +132,6 @@ class WhatDidTheySay {
 return false;
 }
- function is_user_allowed_to_update() {
- $options = get_option('what-did-they-say-options');
- $user_info = wp_get_current_user();
-
- $ok = false;
- if ($options['only_allowed_users']) {
- $ok = in_array($user_info->ID, $options['allowed_users']);
- } else {
- $ok = true;
- if (!current_user_can('edit_posts')) {
- $ok = in_array($user_info->ID, $options['allowed_users']);
- }
- }
-
- return $ok;
- }
-
 /**
 * Update a queued transcript.
 * @param array $update_info The info on the transcript being updated.
@@ -157,7 +140,7 @@ class WhatDidTheySay {
 function update_queued_transcription($update_info) {
 global $wpdb;
- if ($this->is_user_allowed_to_update()) {
+ if (current_user_can('submit_transcriptions')) {
 $query = $wpdb->prepare("SELECT * FROM %s WHERE id = %d", $this->table, $update_info['id']);
 $result = $wpdb->get_results($query);
@@ -187,7 +170,7 @@ class WhatDidTheySay {
 function delete_queued_transcription($transcription_id) {
 global $wpdb;
- if ($this->is_user_allowed_to_update()) {
+ if (current_user_can('submit_transcriptions')) {
 $query = $wpdb->prepare("SELECT id FROM %s WHERE id = %d", $this->table, $transcription_id);
 if (!is_null($wpdb->get_var($query))) {
 $query = $wpdb->prepare("DELETE FROM %s WHERE id = %d", $this->table, $transcription_id);
@@ -202,7 +185,7 @@ class WhatDidTheySay {
 function add_transcription_to_post($transcription_id) {
 global $wpdb;
- if ($this->is_user_allowed_to_update()) {
+ if (current_user_can('approve_transcriptions')) {
 $query = $wpdb->prepare("SELECT * from %s WHERE id = %d", $this->table, $transcription_id);
 $result = $wpdb->get_results($query);
 if (is_array($result)) {
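Review bot: `update_queued_transcription()` and `delete_queued_transcription()` (the next hunk) let any account holding `submit_transcriptions` act on any queue row, because the visible lookups filter on `id` alone (`... WHERE id = %d`) and nothing shown ties the row to the caller. With a capability intended for ordinary submitters, one submitter could change or remove another's pending entry. Before the UPDATE/DELETE, either require the approver capability for rows the caller does not own or compare the owner, e.g. `if ($row->SUBMITTER_ID_COLUMN != wp_get_current_user()->ID && !current_user_can('approve_transcriptions')) return false;`, where `SUBMITTER_ID_COLUMN` is a placeholder since the queue schema is not in this patch. Both function bodies continue outside their hunks.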
@@ -222,7 +205,7 @@ class WhatDidTheySay { } function delete_transcript($post_id, $language) { - if ($this->is_user_allowed_to_update()) { + if (current_user_can('approve_transcriptions')) { $post = get_post($post_id); if (!empty($post)) { $current_transcripts = get_post_meta($post_id, "provided_transcripts", true); diff --git a/classes/admin.inc b/classes/admin.inc index 4392950..65a9337 100644 --- a/classes/admin.inc +++ b/classes/admin.inc @@ -60,7 +60,7 @@ - + diff --git a/test/WhatDidTheySayTest.php b/test/WhatDidTheySayTest.php index 41113d1..4a27c58 100644 --- a/test/WhatDidTheySayTest.php +++ b/test/WhatDidTheySayTest.php @@ -9,15 +9,14 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase { global $wpdb; _reset_wp(); $wpdb = null; + _set_user_capabilities('submit_transcriptions', 'approve_transcriptions'); } function testSaveTranscription() { wp_insert_post(array('ID' => 1)); + $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update')); - $what->expects($this->any()) - ->method('is_user_allowed_to_update') - ->will($this->returnValue(true)); $what->save_transcript(1, "en", "This is a transcript"); $this->assertEquals(array("en" => "This is a transcript"), get_post_meta(1, "provided_transcripts", true)); @@ -45,9 +44,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase { wp_insert_post(array('ID' => 1)); $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update')); - $what->expects($this->any()) - ->method('is_user_allowed_to_update') - ->will($this->returnValue(true)); $wpdb = $this->getMock('wpdb', array('get_results', 'prepare')); @@ -125,9 +121,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase { ->will($this->returnValue($expected_query)); $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update')); - $what->expects($this->any()) - ->method('is_user_allowed_to_update') - ->will($this->returnValue(true)); if ($expected_result === true) { $wpdb->expects($this->once()) 
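Review bot: `submit_transcriptions` and `approve_transcriptions` are not core WordPress capabilities, and no hunk in this patch grants them to a role, so the guard in `delete_transcript()` and the six in the earlier hunks depend on setup code that is not shown. The removed `is_user_allowed_to_update()` also enforced the `only_allowed_users` / `allowed_users` options, which stop having any effect on existing installs once this lands. Worth confirming that activation or upgrade runs something like `$role->add_cap('approve_transcriptions');` for the intended roles, and adding a comment above each guard naming the role expected to hold the capability.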
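Review bot: With `_set_user_capabilities('submit_transcriptions', 'approve_transcriptions')` in `setUp()` every test runs fully privileged, and the patch deletes `testIsUserAllowedToUpdate` without a replacement, so no test shows that a caller lacking a capability is refused. Add a denial case per guard, for example resetting the capabilities in the test (assuming the stub allows an empty set) and checking `$this->assertFalse($what->save_transcript(1, "en", "x"));` plus unchanged post meta, and a submit-only case against `delete_transcript()`. The `getMock('WhatDidTheySay', array('is_user_allowed_to_update'))` calls left in this and the following test hunks still stub a method the class no longer has; `new WhatDidTheySay()` would do wherever nothing else is mocked.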
@@ -146,37 +139,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
 ));
 }
- function providerTestIsUserAllowedToUpdate() {
- return array(
- array(
- false, array(), array(), 1, false
- ),
- array(
- false, array('edit_posts'), array(), 1, true
- ),
- array(
- true, array(), array(2), 1, false
- ),
- array(
- true, array(), array(1), 1, true
- ),
- );
- }
-
- /**
- * @dataProvider providerTestIsUserAllowedToUpdate
- */
- function testIsUserAllowedToUpdate($only_allowed_users, $current_user_can, $allowed_users, $current_user_id, $expected_result) {
- update_option('what-did-they-say-options', array('allowed_users' => $allowed_users, 'only_allowed_users' => $only_allowed_users));
- _set_user_capabilities($current_user_can);
- wp_insert_user(array('ID' => 1, 'first_name' => 'Test', 'last_name' => 'User'));
- wp_set_current_user($current_user_id);
-
-
- $what = new WhatDidTheySay();
- $this->assertEquals($expected_result, $what->is_user_allowed_to_update());
- }
-
 function providerTestUpdateQueuedTranscription() {
 return array(
 array(
@@ -202,9 +164,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
 global $wpdb;
 $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
- $what->expects($this->once())
- ->method('is_user_allowed_to_update')
- ->will($this->returnValue(true));
 $wpdb = $this->getMock('wpdb', array('prepare', 'get_results', 'query'));
@@ -242,9 +201,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
 global $wpdb;
 $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
- $what->expects($this->once())
- ->method('is_user_allowed_to_update')
- ->will($this->returnValue(true));
 $wpdb = $this->getMock('wpdb', array('prepare', 'get_var', 'query'));
@@ -275,9 +231,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
 global $wpdb;
 $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update', 'save_transcript'));
- $what->expects($this->once())
- ->method('is_user_allowed_to_update')
- ->will($this->returnValue(true));
 wp_insert_post((object)array('ID' => 1));
@@ -301,9 +254,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
 function testDeleteTranscript() {
 $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
- $what->expects($this->once())
- ->method('is_user_allowed_to_update')
- ->will($this->returnValue(true));
 wp_insert_post((object)array('ID' => 1));
 update_post_meta(1, "provided_transcripts", array("en" => "This is a transcript"));