diff --git a/changelog.txt b/changelog.txt index 07b22e3..e4e51d8 100644 --- a/changelog.txt +++ b/changelog.txt @@ -1,5 +1,11 @@ == Groups by itthinx - changelog.txt == += 2.7.2 = +* Fixes an issue with page builders and front-end editing. +* Fixed CSS typo in UIE. +* Formatting improvements. +* Added missing escaping. + = 2.7.1 = * Improved UIE rendering for group choices and made it more resilient to load dependencies, Javascript execution order and pages where it is used. * Fixed UIE rendering for group choices with the block editor which would unduly cap the list visually providing an awkward UX. diff --git a/groups.php b/groups.php index 22b7416..a6c4cd2 100644 --- a/groups.php +++ b/groups.php @@ -21,7 +21,7 @@ * Plugin Name: Groups * Plugin URI: http://www.itthinx.com/plugins/groups * Description: Groups provides group-based user membership management, group-based capabilities and content access control. - * Version: 2.7.1 + * Version: 2.7.2 * Author: itthinx * Author URI: http://www.itthinx.com * Donate-Link: http://www.itthinx.com @@ -32,7 +32,7 @@ if ( !defined( 'ABSPATH' ) ) { exit; } -define( 'GROUPS_CORE_VERSION', '2.7.1' ); +define( 'GROUPS_CORE_VERSION', '2.7.2' ); define( 'GROUPS_FILE', __FILE__ ); if ( !defined( 'GROUPS_CORE_DIR' ) ) { define( 'GROUPS_CORE_DIR', untrailingslashit( plugin_dir_path( __FILE__ ) ) ); diff --git a/lib/access/class-groups-access-meta-boxes.php b/lib/access/class-groups-access-meta-boxes.php index c4fe8e7..544905d 100644 --- a/lib/access/class-groups-access-meta-boxes.php +++ b/lib/access/class-groups-access-meta-boxes.php @@ -25,7 +25,7 @@ /** * Adds meta boxes to edit screens. - * + * * @link http://codex.wordpress.org/Function_Reference/add_meta_box */ class Groups_Access_Meta_Boxes { @@ -62,6 +62,8 @@ public static function wp_init() { add_filter( 'attachment_fields_to_edit', array( __CLASS__, 'attachment_fields_to_edit' ), 10, 2 ); add_filter( 'attachment_fields_to_save', array( __CLASS__, 'attachment_fields_to_save' ), 10, 2 ); + + add_action( 'wp_enqueue_editor', array( __CLASS__, 'wp_enqueue_editor' ) ); // @since 2.7.2 } } @@ -123,29 +125,38 @@ public static function add_meta_boxes( $post_type, $post = null ) { '' . _x( 'Groups', 'Help heading', 'groups' ) . '' . '

' . '

' . - __( 'Use the Groups box to limit the visibility of posts, pages and other post types.', 'groups' ) . + wp_kses( + __( 'Use the Groups box to limit the visibility of posts, pages and other post types.', 'groups' ), + array( 'em' => array() ) + ) . '

' . '

' . - __( 'You can select one or more groups to restrict access to its members.', 'groups' ) . + esc_html__( 'You can select one or more groups to restrict access to its members.', 'groups' ) . ( !current_user_can( GROUPS_ADMINISTER_GROUPS ) ? ' ' . - __( 'Note that you must be a member of a group to use it to restrict access.', 'groups' ) + esc_html__( 'Note that you must be a member of a group to use it to restrict access.', 'groups' ) : '' ) . '

' . '

' . - '' . __( 'Example:', 'groups' ) . '' . + '' . esc_html__( 'Example:', 'groups' ) . '' . '

' . - __( 'Let\'s assume that you want to limit the visibility of a post to members of the Premium group.', 'groups' ) . + wp_kses( + __( 'Let\'s assume that you want to limit the visibility of a post to members of the Premium group.', 'groups' ), + array( 'em' => array() ) + ) . '

' . ' ' . '

' . - __( 'Choose or enter Premium in the Read field located in the Groups box and save or update the post (or hit Enter).', 'groups' ) . + wp_kses( + __( 'Choose or enter Premium in the Read field located in the Groups box and save or update the post (or hit Enter).', 'groups' ), + array( 'em' => array() ) + ) . '

' . ( current_user_can( GROUPS_ADMINISTER_GROUPS ) ? '

' . - __( 'In the same field, you can create a new group and restrict access. Group names are case-sensitive. In order to be able to use the new group, your user account will be assigned to it.', 'groups' ) . + esc_html__( 'In the same field, you can create a new group and restrict access. Group names are case-sensitive. In order to be able to use the new group, your user account will be assigned to it.', 'groups' ) . '

' : '' @@ -270,7 +281,7 @@ public static function groups( $object = null, $box = null ) { * At WordPress 3.6.1, this is the only way we can achieve that, because * the save_post action is not invoked if the post content is considered * empty. - * + * * @param boolean $maybe_empty * @param array $postarr * @return boolean @@ -292,7 +303,7 @@ public static function wp_insert_post_empty_content( $maybe_empty, $postarr ) { /** * Save the group access restriction. - * + * * @param int $post_id * @param mixed $post post data (not used here) */ @@ -396,7 +407,7 @@ private static function enqueue() { /** * Render groups box for attachment post type (Media). - * + * * @param array $form_fields * @param object $post * @return array @@ -488,7 +499,7 @@ public static function attachment_fields_to_edit( $form_fields, $post ) { /** * Save groups for attachment post type (Media). * When multiple attachments are saved, this is called once for each. - * + * * @param array $post post data * @param array $attachment attachment field data * @return array @@ -525,10 +536,25 @@ public static function attachment_fields_to_save( $post, $attachment ) { return $post; } + /** + * Hooked on wp_enqueue_editor to enqueue our UIE scripts if access for attachments is enabled. + * + * @param array $to_load + */ + public static function wp_enqueue_editor( $to_load ) { + $media_upload = wp_script_is( 'media-upload' ); + if ( $media_upload ) { + $post_types_option = Groups_Options::get_option( Groups_Post_Access::POST_TYPES, array() ); + if ( !isset( $post_types_option['attachment']['add_meta_box'] ) || $post_types_option['attachment']['add_meta_box'] ) { + Groups_UIE::enqueue( 'select' ); + } + } + } + /** * Returns true if the user can restrict access to posts. The current user is * assumed by default unless a user ID is provided. - * + * * @param int $user_id indicates the desired user, otherwise for the current user * @return boolean */ @@ -542,14 +568,14 @@ public static function user_can_restrict( $user_id = null ) { /** * Returns the group IDs of the groups that the user can use to restrict access. - * + * * If the user can GROUPS_RESTRICT_ACCESS, the following group IDs are returned: * - If the user can GROUPS_ADMINISTER_GROUPS, this will return the IDs of all groups. * - Otherwise it will return the IDs of all groups that the user belongs to, directly * or indirectly by group inheritance. - * + * * If the user can not GROUPS_RESTRICT_ACCESS, an empty array is returned. - * + * * @param int $user_id if provided, retrieve results for the user indicated by user ID, otherwise for the current user * @return array of int with the group IDs */ @@ -580,5 +606,5 @@ public static function get_valid_read_caps_for_user( $user_id = null ) { require_once( GROUPS_LEGACY_LIB . '/access/class-groups-access-meta-boxes-legacy.php' ); return Groups_Access_Meta_Boxes_Legacy::get_valid_read_caps_for_user( $user_id ); } -} +} Groups_Access_Meta_Boxes::init(); diff --git a/lib/views/class-groups-uie.php b/lib/views/class-groups-uie.php index 19f3d4a..5c8992c 100644 --- a/lib/views/class-groups-uie.php +++ b/lib/views/class-groups-uie.php @@ -97,7 +97,7 @@ public static function render_select( $selector = 'select.groups-uie', $script = $call_output = ''; if ( self::$select === 'selectize' ) { - $call_output .= 'if ( typeof jQuery !== "undefined" ) {'; + $call_output .= 'if ( typeof jQuery !== "undefined" && typeof jQuery.fn.selectize === "function" ) {'; $call_output .= sprintf( 'jQuery("%s").selectize({%splugins: ["remove_button"]});', $selector, @@ -108,7 +108,7 @@ public static function render_select( $selector = 'select.groups-uie', $script = // Our selectize options will be hidden unless the block editor's components panel allows to overflow. $output .= ''; // Act immediately if DOMContentLoaded was already dispatched, otherwise defer to handler. $output .= '