github-migration
/
what-did-they-say
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

permissions cleanup

This commit is contained in:
John Bintz 2009-08-18 20:21:21 -04:00
parent c09cff5056
commit fc34fea533
3 changed files with 10 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
classes/WhatDidTheySay.php
View File

@ -40,7 +40,7 @@ class WhatDidTheySay {
* @return bool True if the transcript was saved, false otherwise. * @return bool True if the transcript was saved, false otherwise.
*/ */
function save_transcript($post_id, $language, $transcript) { function save_transcript($post_id, $language, $transcript) {
if ($this->is_user_allowed_to_update()) { if (current_user_can('submit_transcriptions')) {
$post = get_post($post_id); $post = get_post($post_id);
if (!empty($post)) { if (!empty($post)) {
$current_transcripts = get_post_meta($post_id, "provided_transcripts", true); $current_transcripts = get_post_meta($post_id, "provided_transcripts", true);
@ -77,7 +77,7 @@ class WhatDidTheySay {
function get_queued_transcriptions_for_post($post_id) { function get_queued_transcriptions_for_post($post_id) {
global $wpdb; global $wpdb;
if ($this->is_user_allowed_to_update()) { if (current_user_can('submit_transcriptions')) {
$post = get_post($post_id); $post = get_post($post_id);
if (!empty($post)) { if (!empty($post)) {
$query = $wpdb->prepare('SELECT * FROM %s WHERE post_id = %d', $this->table, $post_id); $query = $wpdb->prepare('SELECT * FROM %s WHERE post_id = %d', $this->table, $post_id);
@ -105,7 +105,7 @@ class WhatDidTheySay {
function add_queued_transcription_to_post($post_id, $transcript_info) { function add_queued_transcription_to_post($post_id, $transcript_info) {
global $wpdb; global $wpdb;
if ($this->is_user_allowed_to_update()) { if (current_user_can('approve_transcriptions')) {
$post = get_post($post_id); $post = get_post($post_id);
if (!empty($post)) { if (!empty($post)) {
$transcript_info = (array)$transcript_info; $transcript_info = (array)$transcript_info;
@ -132,23 +132,6 @@ class WhatDidTheySay {
return false; return false;
} }
function is_user_allowed_to_update() {
$options = get_option('what-did-they-say-options');
$user_info = wp_get_current_user();
$ok = false;
if ($options['only_allowed_users']) {
$ok = in_array($user_info->ID, $options['allowed_users']);
} else {
$ok = true;
if (!current_user_can('edit_posts')) {
$ok = in_array($user_info->ID, $options['allowed_users']);
}
}
return $ok;
}
/** /**
* Update a queued transcript. * Update a queued transcript.
* @param array $update_info The info on the transcript being updated. * @param array $update_info The info on the transcript being updated.
@ -157,7 +140,7 @@ class WhatDidTheySay {
function update_queued_transcription($update_info) { function update_queued_transcription($update_info) {
global $wpdb; global $wpdb;
if ($this->is_user_allowed_to_update()) { if (current_user_can('submit_transcriptions')) {
$query = $wpdb->prepare("SELECT * FROM %s WHERE id = %d", $this->table, $update_info['id']); $query = $wpdb->prepare("SELECT * FROM %s WHERE id = %d", $this->table, $update_info['id']);
$result = $wpdb->get_results($query); $result = $wpdb->get_results($query);
@ -187,7 +170,7 @@ class WhatDidTheySay {
function delete_queued_transcription($transcription_id) { function delete_queued_transcription($transcription_id) {
global $wpdb; global $wpdb;
if ($this->is_user_allowed_to_update()) { if (current_user_can('submit_transcriptions')) {
$query = $wpdb->prepare("SELECT id FROM %s WHERE id = %d", $this->table, $transcription_id); $query = $wpdb->prepare("SELECT id FROM %s WHERE id = %d", $this->table, $transcription_id);
if (!is_null($wpdb->get_var($query))) { if (!is_null($wpdb->get_var($query))) {
$query = $wpdb->prepare("DELETE FROM %s WHERE id = %d", $this->table, $transcription_id); $query = $wpdb->prepare("DELETE FROM %s WHERE id = %d", $this->table, $transcription_id);
@ -202,7 +185,7 @@ class WhatDidTheySay {
function add_transcription_to_post($transcription_id) { function add_transcription_to_post($transcription_id) {
global $wpdb; global $wpdb;
if ($this->is_user_allowed_to_update()) { if (current_user_can('approve_transcriptions')) {
$query = $wpdb->prepare("SELECT * from %s WHERE id = %d", $this->table, $transcription_id); $query = $wpdb->prepare("SELECT * from %s WHERE id = %d", $this->table, $transcription_id);
$result = $wpdb->get_results($query); $result = $wpdb->get_results($query);
if (is_array($result)) { if (is_array($result)) {
@ -222,7 +205,7 @@ class WhatDidTheySay {
} }
function delete_transcript($post_id, $language) { function delete_transcript($post_id, $language) {
if ($this->is_user_allowed_to_update()) { if (current_user_can('approve_transcriptions')) {
$post = get_post($post_id); $post = get_post($post_id);
if (!empty($post)) { if (!empty($post)) {
$current_transcripts = get_post_meta($post_id, "provided_transcripts", true); $current_transcripts = get_post_meta($post_id, "provided_transcripts", true);

2
classes/admin.inc
View File

@ -60,7 +60,7 @@
<td> <td>
<?php if ($default) { _e('(yes)', 'what-did-they-say'); } ?> <?php if ($default) { _e('(yes)', 'what-did-they-say'); } ?>
</td> </td>
<td> <td style="vertical-align: inherit">
<a class="rename button" href="#"><?php _e('Rename', 'what-did-they-say') ?></a> <a class="rename button" href="#"><?php _e('Rename', 'what-did-they-say') ?></a>
</td> </td>
<td> <td>

54
test/WhatDidTheySayTest.php
View File

@ -9,15 +9,14 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
global $wpdb; global $wpdb;
_reset_wp(); _reset_wp();
$wpdb = null; $wpdb = null;
_set_user_capabilities('submit_transcriptions', 'approve_transcriptions');
} }
function testSaveTranscription() { function testSaveTranscription() {
wp_insert_post(array('ID' => 1)); wp_insert_post(array('ID' => 1));
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update')); $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
$what->expects($this->any())
->method('is_user_allowed_to_update')
->will($this->returnValue(true));
$what->save_transcript(1, "en", "This is a transcript"); $what->save_transcript(1, "en", "This is a transcript");
$this->assertEquals(array("en" => "This is a transcript"), get_post_meta(1, "provided_transcripts", true)); $this->assertEquals(array("en" => "This is a transcript"), get_post_meta(1, "provided_transcripts", true));
@ -45,9 +44,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
wp_insert_post(array('ID' => 1)); wp_insert_post(array('ID' => 1));
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update')); $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
$what->expects($this->any())
->method('is_user_allowed_to_update')
->will($this->returnValue(true));
$wpdb = $this->getMock('wpdb', array('get_results', 'prepare')); $wpdb = $this->getMock('wpdb', array('get_results', 'prepare'));
@ -125,9 +121,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
->will($this->returnValue($expected_query)); ->will($this->returnValue($expected_query));
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update')); $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
$what->expects($this->any())
->method('is_user_allowed_to_update')
->will($this->returnValue(true));
if ($expected_result === true) { if ($expected_result === true) {
$wpdb->expects($this->once()) $wpdb->expects($this->once())
@ -146,37 +139,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
)); ));
} }
function providerTestIsUserAllowedToUpdate() {
return array(
array(
false, array(), array(), 1, false
),
array(
false, array('edit_posts'), array(), 1, true
),
array(
true, array(), array(2), 1, false
),
array(
true, array(), array(1), 1, true
),
);
}
/**
* @dataProvider providerTestIsUserAllowedToUpdate
*/
function testIsUserAllowedToUpdate($only_allowed_users, $current_user_can, $allowed_users, $current_user_id, $expected_result) {
update_option('what-did-they-say-options', array('allowed_users' => $allowed_users, 'only_allowed_users' => $only_allowed_users));
_set_user_capabilities($current_user_can);
wp_insert_user(array('ID' => 1, 'first_name' => 'Test', 'last_name' => 'User'));
wp_set_current_user($current_user_id);
$what = new WhatDidTheySay();
$this->assertEquals($expected_result, $what->is_user_allowed_to_update());
}
function providerTestUpdateQueuedTranscription() { function providerTestUpdateQueuedTranscription() {
return array( return array(
array( array(
@ -202,9 +164,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
global $wpdb; global $wpdb;
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update')); $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
$what->expects($this->once())
->method('is_user_allowed_to_update')
->will($this->returnValue(true));
$wpdb = $this->getMock('wpdb', array('prepare', 'get_results', 'query')); $wpdb = $this->getMock('wpdb', array('prepare', 'get_results', 'query'));
@ -242,9 +201,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
global $wpdb; global $wpdb;
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update')); $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
$what->expects($this->once())
->method('is_user_allowed_to_update')
->will($this->returnValue(true));
$wpdb = $this->getMock('wpdb', array('prepare', 'get_var', 'query')); $wpdb = $this->getMock('wpdb', array('prepare', 'get_var', 'query'));
@ -275,9 +231,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
global $wpdb; global $wpdb;
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update', 'save_transcript')); $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update', 'save_transcript'));
$what->expects($this->once())
->method('is_user_allowed_to_update')
->will($this->returnValue(true));
wp_insert_post((object)array('ID' => 1)); wp_insert_post((object)array('ID' => 1));
@ -301,9 +254,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
function testDeleteTranscript() { function testDeleteTranscript() {
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update')); $what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
$what->expects($this->once())
->method('is_user_allowed_to_update')
->will($this->returnValue(true));
wp_insert_post((object)array('ID' => 1)); wp_insert_post((object)array('ID' => 1));
update_post_meta(1, "provided_transcripts", array("en" => "This is a transcript")); update_post_meta(1, "provided_transcripts", array("en" => "This is a transcript"));