permissions cleanup
This commit is contained in:
parent
c09cff5056
commit
fc34fea533
@ -40,7 +40,7 @@ class WhatDidTheySay {
|
||||
* @return bool True if the transcript was saved, false otherwise.
|
||||
*/
|
||||
function save_transcript($post_id, $language, $transcript) {
|
||||
if ($this->is_user_allowed_to_update()) {
|
||||
if (current_user_can('submit_transcriptions')) {
|
||||
$post = get_post($post_id);
|
||||
if (!empty($post)) {
|
||||
$current_transcripts = get_post_meta($post_id, "provided_transcripts", true);
|
||||
@ -77,7 +77,7 @@ class WhatDidTheySay {
|
||||
function get_queued_transcriptions_for_post($post_id) {
|
||||
global $wpdb;
|
||||
|
||||
if ($this->is_user_allowed_to_update()) {
|
||||
if (current_user_can('submit_transcriptions')) {
|
||||
$post = get_post($post_id);
|
||||
if (!empty($post)) {
|
||||
$query = $wpdb->prepare('SELECT * FROM %s WHERE post_id = %d', $this->table, $post_id);
|
||||
@ -105,7 +105,7 @@ class WhatDidTheySay {
|
||||
function add_queued_transcription_to_post($post_id, $transcript_info) {
|
||||
global $wpdb;
|
||||
|
||||
if ($this->is_user_allowed_to_update()) {
|
||||
if (current_user_can('approve_transcriptions')) {
|
||||
$post = get_post($post_id);
|
||||
if (!empty($post)) {
|
||||
$transcript_info = (array)$transcript_info;
|
||||
@ -132,23 +132,6 @@ class WhatDidTheySay {
|
||||
return false;
|
||||
}
|
||||
|
||||
function is_user_allowed_to_update() {
|
||||
$options = get_option('what-did-they-say-options');
|
||||
$user_info = wp_get_current_user();
|
||||
|
||||
$ok = false;
|
||||
if ($options['only_allowed_users']) {
|
||||
$ok = in_array($user_info->ID, $options['allowed_users']);
|
||||
} else {
|
||||
$ok = true;
|
||||
if (!current_user_can('edit_posts')) {
|
||||
$ok = in_array($user_info->ID, $options['allowed_users']);
|
||||
}
|
||||
}
|
||||
|
||||
return $ok;
|
||||
}
|
||||
|
||||
/**
|
||||
* Update a queued transcript.
|
||||
* @param array $update_info The info on the transcript being updated.
|
||||
@ -157,7 +140,7 @@ class WhatDidTheySay {
|
||||
function update_queued_transcription($update_info) {
|
||||
global $wpdb;
|
||||
|
||||
if ($this->is_user_allowed_to_update()) {
|
||||
if (current_user_can('submit_transcriptions')) {
|
||||
$query = $wpdb->prepare("SELECT * FROM %s WHERE id = %d", $this->table, $update_info['id']);
|
||||
$result = $wpdb->get_results($query);
|
||||
|
||||
@ -187,7 +170,7 @@ class WhatDidTheySay {
|
||||
function delete_queued_transcription($transcription_id) {
|
||||
global $wpdb;
|
||||
|
||||
if ($this->is_user_allowed_to_update()) {
|
||||
if (current_user_can('submit_transcriptions')) {
|
||||
$query = $wpdb->prepare("SELECT id FROM %s WHERE id = %d", $this->table, $transcription_id);
|
||||
if (!is_null($wpdb->get_var($query))) {
|
||||
$query = $wpdb->prepare("DELETE FROM %s WHERE id = %d", $this->table, $transcription_id);
|
||||
@ -202,7 +185,7 @@ class WhatDidTheySay {
|
||||
function add_transcription_to_post($transcription_id) {
|
||||
global $wpdb;
|
||||
|
||||
if ($this->is_user_allowed_to_update()) {
|
||||
if (current_user_can('approve_transcriptions')) {
|
||||
$query = $wpdb->prepare("SELECT * from %s WHERE id = %d", $this->table, $transcription_id);
|
||||
$result = $wpdb->get_results($query);
|
||||
if (is_array($result)) {
|
||||
@ -222,7 +205,7 @@ class WhatDidTheySay {
|
||||
}
|
||||
|
||||
function delete_transcript($post_id, $language) {
|
||||
if ($this->is_user_allowed_to_update()) {
|
||||
if (current_user_can('approve_transcriptions')) {
|
||||
$post = get_post($post_id);
|
||||
if (!empty($post)) {
|
||||
$current_transcripts = get_post_meta($post_id, "provided_transcripts", true);
|
||||
|
@ -60,7 +60,7 @@
|
||||
<td>
|
||||
<?php if ($default) { _e('(yes)', 'what-did-they-say'); } ?>
|
||||
</td>
|
||||
<td>
|
||||
<td style="vertical-align: inherit">
|
||||
<a class="rename button" href="#"><?php _e('Rename', 'what-did-they-say') ?></a>
|
||||
</td>
|
||||
<td>
|
||||
|
@ -9,15 +9,14 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
||||
global $wpdb;
|
||||
_reset_wp();
|
||||
$wpdb = null;
|
||||
_set_user_capabilities('submit_transcriptions', 'approve_transcriptions');
|
||||
}
|
||||
|
||||
function testSaveTranscription() {
|
||||
wp_insert_post(array('ID' => 1));
|
||||
|
||||
|
||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||
$what->expects($this->any())
|
||||
->method('is_user_allowed_to_update')
|
||||
->will($this->returnValue(true));
|
||||
|
||||
$what->save_transcript(1, "en", "This is a transcript");
|
||||
$this->assertEquals(array("en" => "This is a transcript"), get_post_meta(1, "provided_transcripts", true));
|
||||
@ -45,9 +44,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
||||
wp_insert_post(array('ID' => 1));
|
||||
|
||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||
$what->expects($this->any())
|
||||
->method('is_user_allowed_to_update')
|
||||
->will($this->returnValue(true));
|
||||
|
||||
$wpdb = $this->getMock('wpdb', array('get_results', 'prepare'));
|
||||
|
||||
@ -125,9 +121,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
||||
->will($this->returnValue($expected_query));
|
||||
|
||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||
$what->expects($this->any())
|
||||
->method('is_user_allowed_to_update')
|
||||
->will($this->returnValue(true));
|
||||
|
||||
if ($expected_result === true) {
|
||||
$wpdb->expects($this->once())
|
||||
@ -146,37 +139,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
||||
));
|
||||
}
|
||||
|
||||
function providerTestIsUserAllowedToUpdate() {
|
||||
return array(
|
||||
array(
|
||||
false, array(), array(), 1, false
|
||||
),
|
||||
array(
|
||||
false, array('edit_posts'), array(), 1, true
|
||||
),
|
||||
array(
|
||||
true, array(), array(2), 1, false
|
||||
),
|
||||
array(
|
||||
true, array(), array(1), 1, true
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider providerTestIsUserAllowedToUpdate
|
||||
*/
|
||||
function testIsUserAllowedToUpdate($only_allowed_users, $current_user_can, $allowed_users, $current_user_id, $expected_result) {
|
||||
update_option('what-did-they-say-options', array('allowed_users' => $allowed_users, 'only_allowed_users' => $only_allowed_users));
|
||||
_set_user_capabilities($current_user_can);
|
||||
wp_insert_user(array('ID' => 1, 'first_name' => 'Test', 'last_name' => 'User'));
|
||||
wp_set_current_user($current_user_id);
|
||||
|
||||
|
||||
$what = new WhatDidTheySay();
|
||||
$this->assertEquals($expected_result, $what->is_user_allowed_to_update());
|
||||
}
|
||||
|
||||
function providerTestUpdateQueuedTranscription() {
|
||||
return array(
|
||||
array(
|
||||
@ -202,9 +164,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
||||
global $wpdb;
|
||||
|
||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||
$what->expects($this->once())
|
||||
->method('is_user_allowed_to_update')
|
||||
->will($this->returnValue(true));
|
||||
|
||||
$wpdb = $this->getMock('wpdb', array('prepare', 'get_results', 'query'));
|
||||
|
||||
@ -242,9 +201,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
||||
global $wpdb;
|
||||
|
||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||
$what->expects($this->once())
|
||||
->method('is_user_allowed_to_update')
|
||||
->will($this->returnValue(true));
|
||||
|
||||
$wpdb = $this->getMock('wpdb', array('prepare', 'get_var', 'query'));
|
||||
|
||||
@ -275,9 +231,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
||||
global $wpdb;
|
||||
|
||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update', 'save_transcript'));
|
||||
$what->expects($this->once())
|
||||
->method('is_user_allowed_to_update')
|
||||
->will($this->returnValue(true));
|
||||
|
||||
wp_insert_post((object)array('ID' => 1));
|
||||
|
||||
@ -301,9 +254,6 @@ class WhatDidTheySayTest extends PHPUnit_Framework_TestCase {
|
||||
|
||||
function testDeleteTranscript() {
|
||||
$what = $this->getMock('WhatDidTheySay', array('is_user_allowed_to_update'));
|
||||
$what->expects($this->once())
|
||||
->method('is_user_allowed_to_update')
|
||||
->will($this->returnValue(true));
|
||||
|
||||
wp_insert_post((object)array('ID' => 1));
|
||||
update_post_meta(1, "provided_transcripts", array("en" => "This is a transcript"));
|
||||
|
Loading…
Reference in New Issue
Block a user