<?php
namespace WPDataAccess\Settings {
use WPDataAccess\Utilities\WPDA_Message_Box;
use WPDataAccess\WPDA;
class WPDA_Settings_ManageRoles extends WPDA_Settings {
/**
* Add roles tab content
*
* See class documentation for flow explanation.
*
* @since 2.7.0
*/
protected function add_content() {
$wp_default_roles = array(
'administrator' => true,
'editor' => true,
'author' => true,
'contributor' => true,
'subscriber' => true,
);
if ( isset( $_REQUEST['action'] ) ) {
// Security check.
if ( 'delete' === $_REQUEST['action'] ) {
$wp_nonce = isset( $_REQUEST['_wpnoncedelrole'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnoncedelrole'] ) ) : ''; // input var okay.
if ( ! wp_verify_nonce( $wp_nonce, 'wpda-manage-roles-settings-' . WPDA::get_current_user_login() ) ) {
wp_die( __( 'ERROR: Not authorized', 'wp-data-access' ) );
}
} else {
$wp_nonce = isset( $_REQUEST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ) : ''; // input var okay.
if ( ! wp_verify_nonce( $wp_nonce, 'wpda-manage-roles-settings-' . WPDA::get_current_user_login() ) ) {
wp_die( __( 'ERROR: Not authorized', 'wp-data-access' ) );
}
}
if ( 'save' === $_REQUEST['action'] ) {
WPDA::set_option(
WPDA::OPTION_WPDA_ENABLE_ROLE_MANAGEMENT,
isset( $_REQUEST['enable_role_management'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['enable_role_management'] ) ) : 'off' // input var okay.
);
WPDA::set_option(
WPDA::OPTION_WPDA_USE_ROLES_IN_SHORTCODE,
isset( $_REQUEST['use_roles_in_shortcode'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['use_roles_in_shortcode'] ) ) : 'off' // input var okay.
);
if ( isset( $_REQUEST['wpda_role_name'] ) && is_array( $_REQUEST['wpda_role_name'] ) &&
isset( $_REQUEST['wpda_role_label'] ) && is_array( $_REQUEST['wpda_role_label'] )
) {
$no_roles = count( $_REQUEST['wpda_role_name'] );//phpcs:ignore - 8.1 proof
for ( $i = 0; $i < $no_roles; $i ++ ) {
$sanitized_new_role_name = sanitize_text_field( wp_unslash( $_REQUEST['wpda_role_name'][ $i ] ) ); // input var okay.
$sanitized_new_role_label = sanitize_text_field( wp_unslash( $_REQUEST['wpda_role_label'][ $i ] ) ); // input var okay.
add_role( $sanitized_new_role_name, $sanitized_new_role_label );
}
}
$msg = new WPDA_Message_Box(
array(
'message_text' => __( 'Settings saved', 'wp-data-access' ),
)
);
$msg->box();
} elseif ( 'delete' === $_REQUEST['action'] ) {
if ( isset( $_REQUEST['delete_role_name'] ) ) {
$sanitized_role_name = sanitize_text_field( wp_unslash( $_REQUEST['delete_role_name'] ) ); // input var okay.
$all_users = get_users(
array( 'role' => $sanitized_role_name )
);
foreach ( $all_users as $user ) {
$wp_user = new \WP_User( $user->ID );
$wp_user->remove_role( $sanitized_role_name );
}
remove_role( $sanitized_role_name );
$msg = new WPDA_Message_Box(
array(
'message_text' => __( 'Settings saved', 'wp-data-access' ),
)
);
$msg->box();
}
} elseif ( 'setdefaults' === $_REQUEST['action'] ) {
// Set back to default values.
WPDA::set_option( WPDA::OPTION_WPDA_ENABLE_ROLE_MANAGEMENT );
WPDA::set_option( WPDA::OPTION_WPDA_USE_ROLES_IN_SHORTCODE );
}
}
$enable_role_management = WPDA::get_option( WPDA::OPTION_WPDA_ENABLE_ROLE_MANAGEMENT );
$use_roles_in_shortcode = WPDA::get_option( WPDA::OPTION_WPDA_USE_ROLES_IN_SHORTCODE );
?>
<form id="wpda_settings_manage_roles"
method="post"
action="?page=<?php echo esc_attr( $this->page ); ?>&tab=roles">
<table class="wpda-table-settings">
<tr>
<th>
<?php echo __( 'Plugin Role Management', 'wp-data-access' ); ?>
</th>
<td>
<label>
<input type="checkbox" name="enable_role_management"
<?php echo 'on' === $enable_role_management ? 'checked' : ''; ?>/>
<?php echo __( 'Enable role management', 'wp-data-access' ); ?>
</label>
<br/>
<label>
<input type="checkbox" name="use_roles_in_shortcode"
<?php echo 'on' === $use_roles_in_shortcode ? 'checked' : ''; ?>/>
<?php echo __( 'Use roles in Data Projects shortcodes', 'wp-data-access' ); ?>
</label>
</td>
</tr>
<tr>
<th>
<?php echo __( 'Available Roles', 'wp-data-access' ); ?>
</th>
<td>
<div id="list_roles">
<?php
global $wp_roles;
foreach ( $wp_roles->roles as $role => $val ) {
$is_wp_role = isset( $wp_default_roles[ $role ] );
$role_label = isset( $val['name'] ) ? $val['name'] : $role;
?>
<div id="<?php echo esc_attr( $role ); ?>">
<span class="dashicons <?php echo $is_wp_role ? 'dashicons-wordpress' : 'dashicons-trash'; ?> wpda_tooltip"
style="font-size: 14px; vertical-align: text-top;<?php echo $is_wp_role ? '' : ' cursor: pointer;'; ?>"
<?php echo $is_wp_role ? '' : 'title="Delete role"'; ?>></span>
<?php echo esc_attr( $role_label ); ?>
</div>
<?php
}
?>
</div>
<p>
<a href="javascript:void(0)" class="button" onclick="add_new_role()">Add
New Role</a>
</p>
</td>
</tr>
</table>
<div class="wpda-table-settings-button">
<input type="hidden" name="action" value="save"/>
<button type="submit" class="button button-primary">
<i class="fas fa-check wpda_icon_on_button"></i>
<?php echo __( 'Save Manage Roles Settings', 'wp-data-access' ); ?>
</button>
<a href="javascript:void(0)"
onclick="if (confirm('<?php echo __( 'Reset to defaults?', 'wp-data-access' ); ?>')) {
jQuery('input[name=\'action\']').val('setdefaults');
jQuery('#wpda_settings_manage_roles').trigger('submit');
}"
class="button button-secondary">
<i class="fas fa-times-circle wpda_icon_on_button"></i>
<?php echo __( 'Reset Manage Roles Settings To Defaults', 'wp-data-access' ); ?>
</a>
</div>
<?php wp_nonce_field( 'wpda-manage-roles-settings-' . WPDA::get_current_user_login(), '_wpnonce', false ); ?>
</form>
<form id="delete_role_form"
method="post"
action="?page=<?php echo esc_attr( $this->page ); ?>&tab=roles">
<input type="hidden" id="delete_role_name" name="delete_role_name" value="">
<input type="hidden" name="action" value="delete">
<?php wp_nonce_field( 'wpda-manage-roles-settings-' . WPDA::get_current_user_login(), '_wpnoncedelrole', false ); ?>
</form>
<script type='text/javascript'>
function add_new_role() {
jQuery('#list_roles').append(
'<div>' +
' <span class="dashicons dashicons-trash" style="font-size: 14px; vertical-align: text-top; cursor: pointer;" onclick="jQuery(this).parent().remove();"></span>' +
' <label for="wpda_role_name[]">Name: </label><input name="wpda_role_name[]" style="vertical-align: middle; text-transform: lowercase;"/>' +
' <label for="wpda_role_label[]">Label: </label><input name="wpda_role_label[]" style="vertical-align: middle;"/>' +
'</div>');
}
jQuery('.dashicons-trash').on('click', function (e) {
if (confirm('<?php echo __( 'Delete role?', 'wp-data-access' ) . '\n' . __( 'Role will be removed from all users.', 'wp-data-access' ) . '\n' . __( 'This action cannot be undone!', 'wp-data-access' ); ?>')) {
parent = jQuery(e.target).parent();
parent_id = parent.attr('id');
jQuery('#delete_role_name').val(parent_id);
jQuery('#delete_role_form').submit();
}
});
</script>
<?php
}
}
}