permissions cleanup
This commit is contained in:
parent
c09cff5056
commit
fc34fea533
@ -40,7 +40,7 @@ class WhatDidTheySay {
|
|||||||
* @return bool True if the transcript was saved, false otherwise.
|
* @return bool True if the transcript was saved, false otherwise.
|
||||||
*/
|
*/
|
||||||
function save_transcript($post_id, $language, $transcript) {
|
function save_transcript($post_id, $language, $transcript) {
|
||||||
if ($this->is_user_allowed_to_update()) {
|
if (current_user_can('submit_transcriptions')) {
|
||||||
$post = get_post($post_id);
|
$post = get_post($post_id);
|
||||||
if (!empty($post)) {
|
if (!empty($post)) {
|
||||||
$current_transcripts = get_post_meta($post_id, "provided_transcripts", true);
|
$current_transcripts = get_post_meta($post_id, "provided_transcripts", true);
|
||||||
@ -77,7 +77,7 @@ class WhatDidTheySay {
|
|||||||
function get_queued_transcriptions_for_post($post_id) {
|
function get_queued_transcriptions_for_post($post_id) {
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
if ($this->is_user_allowed_to_update()) {
|
if (current_user_can('submit_transcriptions')) {
|
||||||
$post = get_post($post_id);
|
$post = get_post($post_id);
|
||||||
if (!empty($post)) {
|
if (!empty($post)) {
|
||||||
$query = $wpdb->prepare('SELECT * FROM %s WHERE post_id = %d', $this->table, $post_id);
|
$query = $wpdb->prepare('SELECT * FROM %s WHERE post_id = %d', $this->table, $post_id);
|
||||||
@ -105,7 +105,7 @@ class WhatDidTheySay {
|
|||||||
function add_queued_transcription_to_post($post_id, $transcript_info) {
|
function add_queued_transcription_to_post($post_id, $transcript_info) {
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
if ($this->is_user_allowed_to_update()) {
|
if (current_user_can('approve_transcriptions')) {
|
||||||
$post = get_post($post_id);
|
$post = get_post($post_id);
|
||||||
if (!empty($post)) {
|
if (!empty($post)) {
|
||||||
$transcript_info = (array)$transcript_info;
|
$transcript_info = (array)$transcript_info;
|
||||||
@ -132,23 +132,6 @@ class WhatDidTheySay {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
function is_user_allowed_to_update() {
|
|
||||||
$options = get_option('what-did-they-say-options');
|
|
||||||
$user_info = wp_get_current_user();
|
|
||||||
|
|
||||||
$ok = false;
|
|
||||||
if ($options['only_allowed_users']) {
|
|
||||||
$ok = in_array($user_info->ID, $options['allowed_users']);
|
|
||||||
} else {
|
|
||||||
$ok = true;
|
|
||||||
if (!current_user_can('edit_posts')) {
|
|
||||||
$ok = in_array($user_info->ID, $options['allowed_users']);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return $ok;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Update a queued transcript.
|
* Update a queued transcript.
|
||||||
* @param array $update_info The info on the transcript being updated.
|
* @param array $update_info The info on the transcript being updated.
|
||||||
@ -157,7 +140,7 @@ class WhatDidTheySay {
|
|||||||
function update_queued_transcription($update_info) {
|
function update_queued_transcription($update_info) {
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
if ($this->is_user_allowed_to_update()) {
|
if (current_user_can('submit_transcriptions')) {
|
||||||
$query = $wpdb->prepare("SELECT * FROM %s WHERE id = %d", $this->table, $update_info['id']);
|
$query = $wpdb->prepare("SELECT * FROM %s WHERE id = %d", $this->table, $update_info['id']);
|
||||||
$result = $wpdb->get_results($query);
|
$result = $wpdb->get_results($query);
|
||||||
|
|
||||||
@ -187,7 +170,7 @@ class WhatDidTheySay {
|
|||||||
function delete_queued_transcription($transcription_id) {
|
function delete_queued_transcription($transcription_id) {
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
if ($this->is_user_allowed_to_update()) {
|
if (current_user_can('submit_transcriptions')) {
|
||||||
$query = $wpdb->prepare("SELECT id FROM %s WHERE id = %d", $this->table, $transcription_id);
|
$query = $wpdb->prepare("SELECT id FROM %s WHERE id = %d", $this->table, $transcription_id);
|
||||||
if (!is_null($wpdb->get_var($query))) {
|
if (!is_null($wpdb->get_var($query))) {
|
||||||
$query = $wpdb->prepare("DELETE FROM %s WHERE id = %d", $this->table, $transcription_id);
|
$query = $wpdb->prepare("DELETE FROM %s WHERE id = %d", $this->table, $transcription_id);
|
||||||
@ -202,7 +185,7 @@ class WhatDidTheySay {
|
|||||||
function add_transcription_to_post($transcription_id) {
|
function add_transcription_to_post($transcription_id) {
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
if ($this->is_user_allowed_to_update()) {
|
if (current_user_can('approve_transcriptions')) {
|
||||||
$query = $wpdb->prepare("SELECT * from %s WHERE id = %d", $this->table, $transcription_id);
|
$query = $wpdb->prepare("SELECT * from %s WHERE id = %d", $this->table, $transcription_id);
|
||||||
$result = $wpdb->get_results($query);
|
$result = $wpdb->get_results($query);
|
||||||
if (is_array($result)) {
|
if (is_array($result)) {
|
||||||
@ -222,7 +205,7 @@ class WhatDidTheySay {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function delete_transcript($post_id, $language) {
|
function delete_transcript($post_id, $language) {
|
||||||
if ($this->is_user_allowed_to_update()) {
|
if (current_user_can('approve_transcriptions')) {
|
||||||
$post = get_post($post_id);
|
$post = get_post($post_id);
|
||||||
if (!empty($post)) {
|
if (!empty($post)) {
|
||||||
$current_transcripts = get_post_meta($post_id, "provided_transcripts", true);
|
$current_transcripts = get_post_meta($post_id, "provided_transcripts", true);
|
||||||
|
@ -60,7 +60,7 @@
|
|||||||
<td>
|
<td>
|
||||||
<?php if ($default) { _e('(yes)', 'what-did-they-say'); } ?>
|
<?php if ($default) { _e('(yes)', 'what-did-they-say'); } ?>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td style="vertical-align: inherit">
|
||||||
<a class="rename button" href="#"><?php _e('Rename', 'what-did-they-say') ?></a>
|
<a class="rename button" href="#"><?php _e('Rename', 'what-did-they-say') ?></a>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
|
@ -9,15 +9,14 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
|||||||
global $wpdb;
|
global $wpdb;
|
||||||
_reset_wp();
|
_reset_wp();
|
||||||
$wpdb = null;
|
$wpdb = null;
|
||||||
|
_set_user_capabilities('submit_transcriptions', 'approve_transcriptions');
|
||||||
}
|
}
|
||||||
|
|
||||||
function testSaveTranscription() {
|
function testSaveTranscription() {
|
||||||
wp_insert_post(array('ID' => 1));
|
wp_insert_post(array('ID' => 1));
|
||||||
|
|
||||||
|
|
||||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||||
$what->expects($this->any())
|
|
||||||
->method('is_user_allowed_to_update')
|
|
||||||
->will($this->returnValue(true));
|
|
||||||
|
|
||||||
$what->save_transcript(1, "en", "This is a transcript");
|
$what->save_transcript(1, "en", "This is a transcript");
|
||||||
$this->assertEquals(array("en" => "This is a transcript"), get_post_meta(1, "provided_transcripts", true));
|
$this->assertEquals(array("en" => "This is a transcript"), get_post_meta(1, "provided_transcripts", true));
|
||||||
@ -45,9 +44,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
|||||||
wp_insert_post(array('ID' => 1));
|
wp_insert_post(array('ID' => 1));
|
||||||
|
|
||||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||||
$what->expects($this->any())
|
|
||||||
->method('is_user_allowed_to_update')
|
|
||||||
->will($this->returnValue(true));
|
|
||||||
|
|
||||||
$wpdb = $this->getMock('wpdb', array('get_results', 'prepare'));
|
$wpdb = $this->getMock('wpdb', array('get_results', 'prepare'));
|
||||||
|
|
||||||
@ -125,9 +121,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
|||||||
->will($this->returnValue($expected_query));
|
->will($this->returnValue($expected_query));
|
||||||
|
|
||||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||||
$what->expects($this->any())
|
|
||||||
->method('is_user_allowed_to_update')
|
|
||||||
->will($this->returnValue(true));
|
|
||||||
|
|
||||||
if ($expected_result === true) {
|
if ($expected_result === true) {
|
||||||
$wpdb->expects($this->once())
|
$wpdb->expects($this->once())
|
||||||
@ -146,37 +139,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
|||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
function providerTestIsUserAllowedToUpdate() {
|
|
||||||
return array(
|
|
||||||
array(
|
|
||||||
false, array(), array(), 1, false
|
|
||||||
),
|
|
||||||
array(
|
|
||||||
false, array('edit_posts'), array(), 1, true
|
|
||||||
),
|
|
||||||
array(
|
|
||||||
true, array(), array(2), 1, false
|
|
||||||
),
|
|
||||||
array(
|
|
||||||
true, array(), array(1), 1, true
|
|
||||||
),
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @dataProvider providerTestIsUserAllowedToUpdate
|
|
||||||
*/
|
|
||||||
function testIsUserAllowedToUpdate($only_allowed_users, $current_user_can, $allowed_users, $current_user_id, $expected_result) {
|
|
||||||
update_option('what-did-they-say-options', array('allowed_users' => $allowed_users, 'only_allowed_users' => $only_allowed_users));
|
|
||||||
_set_user_capabilities($current_user_can);
|
|
||||||
wp_insert_user(array('ID' => 1, 'first_name' => 'Test', 'last_name' => 'User'));
|
|
||||||
wp_set_current_user($current_user_id);
|
|
||||||
|
|
||||||
|
|
||||||
$what = new WhatDidTheySay();
|
|
||||||
$this->assertEquals($expected_result, $what->is_user_allowed_to_update());
|
|
||||||
}
|
|
||||||
|
|
||||||
function providerTestUpdateQueuedTranscription() {
|
function providerTestUpdateQueuedTranscription() {
|
||||||
return array(
|
return array(
|
||||||
array(
|
array(
|
||||||
@ -202,9 +164,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
|||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||||
$what->expects($this->once())
|
|
||||||
->method('is_user_allowed_to_update')
|
|
||||||
->will($this->returnValue(true));
|
|
||||||
|
|
||||||
$wpdb = $this->getMock('wpdb', array('prepare', 'get_results', 'query'));
|
$wpdb = $this->getMock('wpdb', array('prepare', 'get_results', 'query'));
|
||||||
|
|
||||||
@ -242,9 +201,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
|||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||||
$what->expects($this->once())
|
|
||||||
->method('is_user_allowed_to_update')
|
|
||||||
->will($this->returnValue(true));
|
|
||||||
|
|
||||||
$wpdb = $this->getMock('wpdb', array('prepare', 'get_var', 'query'));
|
$wpdb = $this->getMock('wpdb', array('prepare', 'get_var', 'query'));
|
||||||
|
|
||||||
@ -275,9 +231,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
|||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update', 'save_transcript'));
|
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update', 'save_transcript'));
|
||||||
$what->expects($this->once())
|
|
||||||
->method('is_user_allowed_to_update')
|
|
||||||
->will($this->returnValue(true));
|
|
||||||
|
|
||||||
wp_insert_post((object)array('ID' => 1));
|
wp_insert_post((object)array('ID' => 1));
|
||||||
|
|
||||||
@ -301,9 +254,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
|||||||
|
|
||||||
function testDeleteTranscript() {
|
function testDeleteTranscript() {
|
||||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||||
$what->expects($this->once())
|
|
||||||
->method('is_user_allowed_to_update')
|
|
||||||
->will($this->returnValue(true));
|
|
||||||
|
|
||||||
wp_insert_post((object)array('ID' => 1));
|
wp_insert_post((object)array('ID' => 1));
|
||||||
update_post_meta(1, "provided_transcripts", array("en" => "This is a transcript"));
|
update_post_meta(1, "provided_transcripts", array("en" => "This is a transcript"));
|
||||||
|
Loading…
Reference in New Issue
Block a user