* Set the role that users must be greater than for the group to apply. * * @param string $role * * @return $this */ public function set_min_role( $role ) { if ( '' !== $role && ! get_role( $role ) ) { throw new InvalidArgumentException( sprintf( 'Role %s not found.', $role ) ); } $this->min_role = $role; return $this; } /** * Get the user provided label for this user group. * * @return string */ public function get_label() { return $this->label; } /** * Set the label for this user group. * * @param string $label * * @return $this */ public function set_label( $label ) { if ( ! is_string( $label ) ) { throw new InvalidArgumentException( '$label must be a string.' ); } $this->label = $label; return $this; } /** * Get the generated description for this user group. * * @return string */ public function get_description() { $parts = []; if ( $roles = $this->get_roles() ) { $parts[] = wp_sprintf( __( 'the following roles: %l', 'it-l10n-ithemes-security-pro' ), array_map( 'translate_user_role', $roles ) ); } if ( $canonical = $this->get_canonical_roles() ) { $parts[] = wp_sprintf( __( 'the following canonical roles: %l', 'it-l10n-ithemes-security-pro' ), array_map( 'translate_user_role', $canonical ) ); } if ( $min_role = $this->get_min_role() ) { $parts[] = sprintf( __( 'roles greater than %s', 'it-l10n-ithemes-security-pro' ), translate_user_role( $min_role ) ); } if ( $users = $this->get_users() ) { $parts[] = wp_sprintf( __( 'the following users: %l', 'it-l10n-ithemes-security-pro' ), wp_list_pluck( $users, 'user_login' ) ); } if ( ! $parts ) { return wp_sprintf( __( 'This user group contains no users.', 'it-l10n-ithemes-security-pro' ) ); } return wp_sprintf( __( 'This user group contains %l.', 'it-l10n-ithemes-security-pro' ), $parts ); } /** * Get the computed list of roles this user group applies to. * * This is the manually selected list of roles, as well as all roles greater * than the minimum role. * * @return string[] */ public function get_computed_role_list() { ITSEC_Lib::load( 'canonical-roles' ); $roles = $this->get_roles(); $min_role = $this->get_min_role(); $canonical_roles = $this->get_canonical_roles(); foreach ( wp_roles()->get_names() as $role => $name ) { if ( in_array( $role, $roles, true ) ) { continue; } $canonical = ITSEC_Lib_Canonical_Roles::get_canonical_role_from_role( $role ); if ( in_array( $canonical, $canonical_roles, true ) ) { $roles[] = $role; continue; } if ( $min_role && ITSEC_Lib_Canonical_Roles::is_canonical_role_at_least( $min_role, $canonical ) ) { $roles[] = $role; continue; } } return $roles; } /** * Is the user group properly configured. * * @return bool */ public function is_configured() { return $this->min_role || $this->roles || $this->users || $this->canonical_roles; } /** * Does the given user match this user group. * * @param Match_Target $target * * @return bool */ public function matches( Match_Target $target ) { if ( ( $user = $target->get_user() ) && in_array( $user->ID, $this->users, true ) ) { return true; } if ( array_intersect( $this->get_roles(), $target->get_role() ? [ $target->get_role() ] : $user->roles ) ) { return true; } $min_role = $this->get_min_role(); $canonical_roles = $this->get_canonical_roles(); if ( $min_role || $canonical_roles ) { ITSEC_Lib::load( 'canonical-roles' ); if ( $target->get_role() && $target->get_user() ) { $canonical = ITSEC_Lib_Canonical_Roles::get_canonical_role_from_role_and_user( $target->get_role(), $target->get_user() ); } elseif ( $target->get_role() ) { $canonical = ITSEC_Lib_Canonical_Roles::get_canonical_role_from_role( $target->get_role() ); } elseif ( $target->get_user() ) { $canonical = ITSEC_Lib_Canonical_Roles::get_user_role( $target->get_user() ); } else { $canonical = ''; } if ( $canonical ) { if ( $min_role && ITSEC_Lib_Canonical_Roles::is_canonical_role_at_least( $min_role, $canonical ) ) { return true; } if ( $canonical_roles && in_array( $canonical, $canonical_roles, true ) ) { return true; } } } return false; } /** * Is this user group the same record as the given user group. * * @param User_Group $user_group * * @return bool */ public function identical( User_Group $user_group ) { return $this->get_id() === $user_group->get_id(); } /** * Is this user group made up of the same restrictions as the given user group. * * @param User_Group $user_group * * @return bool */ public function equals( User_Group $user_group ) { if ( $this->get_min_role() !== $user_group->get_min_role() ) { return false; } if ( ! ITSEC_Lib::equal_sets( $this->get_roles(), $user_group->get_roles() ) ) { return false; } if ( ! ITSEC_Lib::equal_sets( $this->get_canonical_roles(), $user_group->get_canonical_roles() ) ) { return false; } if ( ! ITSEC_Lib::equal_sets( $this->users, $user_group->users ) ) { return false; } return true; } /** * Converts the user group to a string. * * @return string */ public function __toString() { return $this->get_label(); } public function jsonSerialize(): array { return [ 'id' => $this->get_id(), 'label' => $this->get_label(), 'description' => $this->get_description(), 'users' => wp_list_pluck( $this->get_users(), 'ID' ), 'roles' => $this->get_roles(), 'canonical' => $this->get_canonical_roles(), 'min_role' => $this->get_min_role(), ]; } }