Cavemanon/piratepoet
7
Fork 0
Code Pull Requests Actions Releases 16 Activity

Adds AccessControl class that defines permissions for major plugin

Browse Source 
operations
This commit is contained in:
Vlad
2017-08-13 21:02:47 -04:00
parent 1151354278
commit 632bce7894
4 changed files with 221 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
lib/Config/AccessControl.php Normal file
View File

@ -0,0 +1,81 @@
<?php
namespace MailPoet\Config;
use MailPoet\WP\Hooks as WPHooks;
if(!defined('ABSPATH')) exit;
require_once(ABSPATH . 'wp-includes/pluggable.php');
class AccessControl {
static $permissions;
const PERMISSION_ACCESS_PLUGIN = 'access_plugin';
const PERMISSION_MANAGE_SETTINGS = 'manage_settings';
const PERMISSION_MANAGE_EMAILS = 'manage_emails';
const PERMISSION_MANAGE_SUBSCRIBERS = 'manage_subscribers';
const PERMISSION_MANAGE_FORMS = 'manage_forms';
const PERMISSION_MANAGE_SEGMENTS = 'manage_segments';
static function init($permissions = array()) {
self::setPermissions($permissions);
}
static function setPermissions($permissions = array()) {
self::$permissions = ($permissions) ? $permissions : self::getPermissions();
}
static function getPermissions() {
return array(
self::PERMISSION_ACCESS_PLUGIN => WPHooks::applyFilters(
'mailpoet_permission_access_plugin',
array(
'administrator',
'editor'
)
),
self::PERMISSION_MANAGE_SETTINGS => WPHooks::applyFilters(
'mailpoet_permission_manage_settings',
array(
'administrator'
)
),
self::PERMISSION_MANAGE_EMAILS => WPHooks::applyFilters(
'mailpoet_permission_manage_emails',
array(
'administrator',
'editor'
)
),
self::PERMISSION_MANAGE_SUBSCRIBERS => WPHooks::applyFilters(
'mailpoet_permission_manage_subscribers',
array(
'administrator'
)
),
self::PERMISSION_MANAGE_FORMS => WPHooks::applyFilters(
'mailpoet_permission_manage_forms',
array(
'administrator'
)
),
self::PERMISSION_MANAGE_SEGMENTS => WPHooks::applyFilters(
'mailpoet_permission_manage_segments',
array(
'administrator'
)
)
);
}
static function validatePermission($permission) {
if(empty(self::$permissions)) self::init();
if(empty(self::$permissions[$permission])) return false;
$current_user = wp_get_current_user();
$current_user_roles = $current_user->roles;
$permitted_roles = array_intersect(
$current_user_roles,
self::$permissions[$permission]
);
return (!empty($permitted_roles));
}
}

4
lib/Config/Env.php
View File

@ -2,8 +2,6 @@
namespace MailPoet\Config; namespace MailPoet\Config;
use MailPoet\WP\Hooks;
if(!defined('ABSPATH')) exit; if(!defined('ABSPATH')) exit;
class Env { class Env {
@ -34,7 +32,6 @@ class Env {
static $db_collation; static $db_collation;
static $db_charset_collate; static $db_charset_collate;
static $db_timezone_offset; static $db_timezone_offset;
static $required_permission;
static function init($file, $version) { static function init($file, $version) {
global $wpdb; global $wpdb;
@ -72,7 +69,6 @@ class Env {
self::$db_charset_collate = $wpdb->get_charset_collate(); self::$db_charset_collate = $wpdb->get_charset_collate();
self::$db_source_name = self::dbSourceName(self::$db_host, self::$db_socket, self::$db_port, self::$db_charset); self::$db_source_name = self::dbSourceName(self::$db_host, self::$db_socket, self::$db_port, self::$db_charset);
self::$db_timezone_offset = self::getDbTimezoneOffset(); self::$db_timezone_offset = self::getDbTimezoneOffset();
self::$required_permission = Hooks::applyFilters('mailpoet_access_minimum_required_permission', 'manage_options');
} }
private static function dbSourceName($host, $socket, $port, $charset) { private static function dbSourceName($host, $socket, $port, $charset) {

1
lib/Config/Initializer.php
View File

@ -24,6 +24,7 @@ class Initializer {
'version' => '1.0.0' 'version' => '1.0.0'
)) { )) {
Env::init($params['file'], $params['version']); Env::init($params['file'], $params['version']);
AccessControl::init();
} }
function init() { function init() {

139
tests/unit/Config/AccessControlTest.php Normal file
View File

@ -0,0 +1,139 @@
<?php
namespace MailPoet\Test\Config;
use Helper\WordPressHooks as WPHooksHelper;
use MailPoet\Config\AccessControl;
use MailPoet\WP\Hooks;
class AccessControlTest extends \MailPoetTest {
function testItSetsDefaultPermissionsUponInitialization() {
AccessControl::init();
$default_permissions = array(
'access_plugin' => array(
'administrator',
'editor'
),
'manage_settings' => array(
'administrator'
),
'manage_emails' => array(
'administrator',
'editor'
),
'manage_subscribers' => array(
'administrator'
),
'manage_forms' => array(
'administrator'
),
'manage_segments' => array(
'administrator'
)
);
expect(AccessControl::getPermissions())->equals($default_permissions);
}
function testItSetsCustomPermissionsUponInitialization() {
$custom_permissions = array(
'custom_permissions' => array(
'custom_role'
)
);
AccessControl::init($custom_permissions);
expect(AccessControl::$permissions)->equals($custom_permissions);
}
function testItGetsPermissions() {
expect(AccessControl::getPermissions())->equals(
array(
'access_plugin' => array(
'administrator',
'editor'
),
'manage_settings' => array(
'administrator'
),
'manage_emails' => array(
'administrator',
'editor'
),
'manage_subscribers' => array(
'administrator'
),
'manage_forms' => array(
'administrator'
),
'manage_segments' => array(
'administrator'
)
)
);
}
function testItAllowsSettingCustonPermissions() {
Hooks::addFilter(
'mailpoet_permission_access_plugin',
function() {
return array('custom_access_plugin_role');
}
);
Hooks::addFilter(
'mailpoet_permission_manage_settings',
function() {
return array('custom_manage_settings_role');
}
);
Hooks::addFilter(
'mailpoet_permission_manage_emails',
function() {
return array('custom_manage_emails_role');
}
);
Hooks::addFilter(
'mailpoet_permission_manage_subscribers',
function() {
return array('custom_manage_subscribers_role');
}
);
Hooks::addFilter(
'mailpoet_permission_manage_forms',
function() {
return array('custom_manage_forms_role');
}
);
Hooks::addFilter(
'mailpoet_permission_manage_segments',
function() {
return array('custom_manage_forms_role');
}
);
AccessControl::init();
expect(AccessControl::$permissions)->equals(
array(
'access_plugin' => array(
'custom_access_plugin_role'
),
'manage_settings' => array(
'custom_manage_settings_role'
),
'manage_emails' => array(
'custom_manage_emails_role'
),
'manage_subscribers' => array(
'custom_manage_subscribers_role'
),
'manage_forms' => array(
'custom_manage_forms_role'
),
'manage_segments' => array(
'custom_manage_forms_role'
)
)
);
}
function _after() {
WPHooksHelper::releaseAllHooks();
}
}