From b259ac1c561b59b7b09e28a4d0390770965824af Mon Sep 17 00:00:00 2001 From: Alexander Schneider Date: Wed, 21 Apr 2021 10:49:55 +0200 Subject: [PATCH] Bump version 2.2.14 --- composer.json | 2 +- package.json | 2 +- readme.txt | 6 +++++- src/Access/AccessHandler.php | 17 ++++----------- src/Controller/Backend/ObjectController.php | 21 +++++++++++++------ .../Backend/PostObjectController.php | 1 + .../Frontend/RedirectController.php | 10 ++++----- src/UserAccessManager.php | 2 +- src/View/BulkEditForm.php | 2 +- tests/Unit/Access/AccessHandlerTest.php | 8 +++++++ user-access-manager.php | 2 +- 11 files changed, 43 insertions(+), 30 deletions(-) diff --git a/composer.json b/composer.json index f07bd2eb..23cf48b0 100644 --- a/composer.json +++ b/composer.json @@ -3,7 +3,7 @@ "description": "User Access Manager plugin for Wordpress", "type": "wordpress-plugin", "license": "GPL-2.0", - "version": "2.2.13", + "version": "2.2.14", "authors": [ { "name": "Alexander Schneider", diff --git a/package.json b/package.json index 44a5e78a..8a3af0ec 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "user-access-manager", - "version": "2.2.13", + "version": "2.2.14", "description": "[![Build Status](https://travis-ci.org/GM-Alex/user-access-manager.svg)](https://travis-ci.org/GM-Alex/user-access-manager)", "main": "index.js", "directories": { diff --git a/readme.txt b/readme.txt index 151a9da9..d053f77f 100644 --- a/readme.txt +++ b/readme.txt @@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i Tags: admin, access, member area, members, member, member access, page, pages, post, posts, private, privacy, restrict, user, user access manager, user management Requires at least: 4.7 Tested up to: 5.7 -Stable tag: 2.2.13 +Stable tag: 2.2.14 With the "User Access Manager"-plugin you can manage the access to your posts, pages and files. @@ -59,6 +59,10 @@ Here you found the changes in each version. Version Date Changes + 2.2.14 2021/04/21 Fix bulk edit. + Fix permission issue. + Fix redirect typing issue. + 2.2.13 2021/04/15 Fix not logged in user handling. Type fix for showEditLink. diff --git a/src/Access/AccessHandler.php b/src/Access/AccessHandler.php index 3f040d5f..7d3762de 100644 --- a/src/Access/AccessHandler.php +++ b/src/Access/AccessHandler.php @@ -180,21 +180,12 @@ public function checkObjectAccess(?string $objectType, $objectId, $isAdmin = nul ) { $access = true; } else { - $access = true; $membership = $this->userGroupHandler->getUserGroupsForObject($objectType, $objectId); + $access = $membership === [] + || array_intersect_key($membership, $this->getUserUserGroupsForObjectAccess($isAdmin)) !== []; - if (count($membership) > 0) { - $userGroupDiff = array_intersect_key( - $membership, - $this->getUserUserGroupsForObjectAccess($isAdmin) - ); - $nonLoggedInGroupKey = DynamicUserGroup::USER_TYPE . '|' - . DynamicUserGroup::NOT_LOGGED_IN_USER_ID; - - $access = count($userGroupDiff) > 0 && ( - isset($userGroupDiff[$nonLoggedInGroupKey]) || - $this->wordpress->isUserMemberOfBlog() - ); + if ($access && $this->wordpress->isUserLoggedIn() && $this->wordpress->isMultiSite()) { + $access = $this->wordpress->isUserMemberOfBlog(); } } diff --git a/src/Controller/Backend/ObjectController.php b/src/Controller/Backend/ObjectController.php index ed5b2102..853c6d8b 100644 --- a/src/Controller/Backend/ObjectController.php +++ b/src/Controller/Backend/ObjectController.php @@ -45,7 +45,9 @@ class ObjectController extends Controller { const COLUMN_NAME = 'uam_access'; + const BULK_ADD = 'add'; const BULK_REMOVE = 'remove'; + const BULK_OVERWRITE = 'overwrite'; const DEFAULT_GROUPS_FORM_NAME = 'uam_user_groups'; const DEFAULT_DYNAMIC_GROUPS_FORM_NAME = 'uam_dynamic_user_groups'; const UPDATE_GROUPS_FORM_NAME = 'uam_update_groups'; @@ -343,20 +345,27 @@ private function getAddRemoveGroups( ?array &$addUserGroups = [], ?array &$removeUserGroups = [] ) { - if ($addUserGroups === null) { - $addUserGroups = (array) $this->getRequestParameter(self::DEFAULT_GROUPS_FORM_NAME, []); - } - + $groupsToChange = (array) $this->getRequestParameter(self::DEFAULT_GROUPS_FORM_NAME, []); $filteredUserGroupsForObject = $this->userGroupHandler->getFilteredUserGroupsForObject( $objectType, $objectId ); + + $addUserGroups = $addUserGroups ?? $groupsToChange; $removeUserGroups = array_flip(array_keys($filteredUserGroupsForObject)); $bulkType = $this->getRequestParameter('uam_bulk_type'); - if ($bulkType === self::BULK_REMOVE) { - $removeUserGroups = $addUserGroups; + if ($bulkType === self::BULK_ADD) { + $addUserGroups = $groupsToChange; + $removeUserGroups = []; + } elseif ($bulkType === self::BULK_REMOVE) { $addUserGroups = []; + $removeUserGroups = array_filter( + $groupsToChange, + function (array $group) { + return isset($group['id']); + } + ); } } diff --git a/src/Controller/Backend/PostObjectController.php b/src/Controller/Backend/PostObjectController.php index 873a5b0b..477eb3f5 100644 --- a/src/Controller/Backend/PostObjectController.php +++ b/src/Controller/Backend/PostObjectController.php @@ -75,6 +75,7 @@ public function editPostContent($post) public function addBulkAction($columnName) { if ($columnName === self::COLUMN_NAME) { + $this->getObjectInformation()->setObjectId(null); echo $this->getIncludeContents('BulkEditForm.php'); } } diff --git a/src/Controller/Frontend/RedirectController.php b/src/Controller/Frontend/RedirectController.php index fde81592..f3d18656 100644 --- a/src/Controller/Frontend/RedirectController.php +++ b/src/Controller/Frontend/RedirectController.php @@ -308,11 +308,11 @@ private function getPostIdByName(string $name): int /** * Extracts the object type and id. - * @param object $pageParams + * @param mixed $pageParams * @param null|string $objectType * @param null|int|string $objectId */ - private function extractObjectTypeAndId(object $pageParams, ?string &$objectType, ?string &$objectId) + private function extractObjectTypeAndId($pageParams, ?string &$objectType, ?string &$objectId) { $objectType = null; $objectId = null; @@ -345,12 +345,12 @@ private function extractObjectTypeAndId(object $pageParams, ?string &$objectType /** * Redirects to a page or to content. - * @param array $headers The headers which are given from wordpress. - * @param object $pageParams The params of the current page. + * @param array|null $headers The headers which are given from wordpress. + * @param mixed $pageParams The params of the current page. * @return array * @throws UserGroupTypeException */ - public function redirect(array $headers, object $pageParams): array + public function redirect(?array $headers, $pageParams): array { $fileUrl = $this->getRequestParameter('uamgetfile'); $fileType = $this->getRequestParameter('uamfiletype'); diff --git a/src/UserAccessManager.php b/src/UserAccessManager.php index e1cc869a..bbb1ad37 100644 --- a/src/UserAccessManager.php +++ b/src/UserAccessManager.php @@ -50,7 +50,7 @@ */ class UserAccessManager { - const VERSION = '2.2.13'; + const VERSION = '2.2.14'; const DB_VERSION = '1.6.1'; /** diff --git a/src/View/BulkEditForm.php b/src/View/BulkEditForm.php index b54ac6ad..e155cdf5 100644 --- a/src/View/BulkEditForm.php +++ b/src/View/BulkEditForm.php @@ -1,6 +1,6 @@ expects($this->exactly(3)) + ->method('isUserLoggedIn') + ->will($this->onConsecutiveCalls(false, true, true)); + $wordpress->expects($this->exactly(2)) + ->method('isMultiSite') + ->will($this->onConsecutiveCalls(false, true)); + + $wordpress->expects($this->exactly(1)) ->method('isUserMemberOfBlog') ->will($this->returnValue(true)); diff --git a/user-access-manager.php b/user-access-manager.php index 7df3c4b9..2fdecbf3 100644 --- a/user-access-manager.php +++ b/user-access-manager.php @@ -3,7 +3,7 @@ * Plugin Name: User Access Manager * Plugin URI: https://wordpress.org/plugins/user-access-manager/ * Author URI: https://twitter.com/GM_Alex - * Version: 2.2.13 + * Version: 2.2.14 * Requires PHP: 7.2 * Author: Alexander Schneider * Description: Manage the access to your posts, pages, categories and files.