Apply fcn_privacy_clearance cap

2023-08-11 12:45:23 +02:00 · 2023-08-11 12:45:23 +02:00 · bc29237f92
commit bc29237f92
parent e95b4c8ede
6 changed files with 65 additions and 94 deletions
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@ -280,7 +280,7 @@ Fictioneer customizes WordPress by using as many standard action and filter hook
 | `manage_pages_columns` | `fictioneer_remove_comments_column`
 | `manage_posts_columns` | `fictioneer_remove_comments_column`
 | `manage_users_columns` | `fictioneer_hide_users_columns`
-| `map_meta_cap` | `fcn_read_others_files`, `fictioneer_edit_others_files`, `fictioneer_delete_others_files`, `fictioneer_privacy_clearance`
+| `map_meta_cap` | `fcn_read_others_files`, `fictioneer_edit_others_files`, `fictioneer_delete_others_files`
 | `navigation_markup_template` | `fictioneer_pagination_markup`
 | `nav_menu_link_attributes` | `fictioneer_add_menu_link_attributes`
 | `pre_comment_user_ip` | `__return_empty_string`
--- a/functions.php
+++ b/functions.php
@ -460,12 +460,6 @@ if ( get_option( 'fictioneer_enable_bookmarks' ) && is_admin() ) {
  require_once __DIR__ . '/includes/functions/users/_bookmarks.php';
 }

-/**
- * Add privacy and security measures.
- */
-
-require_once __DIR__ . '/includes/functions/users/_privacy_security.php';
-
 /**
 * Add content helper functions.
 */
--- a/includes/functions/_roles.php
+++ b/includes/functions/_roles.php
@ -672,6 +672,70 @@ if ( ! current_user_can( 'manage_options' ) ) {
    add_filter( 'map_meta_cap', 'fictioneer_delete_others_files', 9999, 4 );
  }

+  // === FCN_PRIVACY_CLEARANCE =================================================
+
+  /**
+   * Remove email and name columns from user table
+   *
+   * @since Fictioneer 4.7
+   *
+   * @param array $column_headers  Columns to show in the user table.
+   *
+   * @return array Reduced columns to show in the user table.
+   */
+
+  function fictioneer_hide_users_columns( $column_headers ) {
+    unset( $column_headers['email'] );
+    unset( $column_headers['name'] );
+
+    return $column_headers;
+  }
+
+  /**
+   * Remove quick edit from comments table
+   *
+   * The quick edit form for comments shows unfortunately private data that
+   * we want to hide if that setting is enabled.
+   *
+   * @since Fictioneer 4.7
+   *
+   * @param array $actions  Actions per row in the comments table.
+   *
+   * @return array Restricted actions per row in the comments table.
+   */
+
+  function fictioneer_remove_quick_edit( $actions ) {
+    unset( $actions['quickedit'] );
+
+    return $actions;
+  }
+
+  /**
+   * Remove URL and email fields from comment edit page
+   *
+   * Since these are not normally accessible, we need to quickly hide them
+   * with JavaScript. This is not a great solution but better than nothing.
+   *
+   * @since Fictioneer 4.7
+   */
+
+  function fictioneer_hide_private_data() {
+    wp_add_inline_script(
+      'fictioneer-admin-script',
+      "jQuery(function($) {
+        $('.editcomment tr:nth-child(3)').remove();
+        $('.editcomment tr:nth-child(2)').remove();
+      });"
+    );
+  }
+
+  if ( ! current_user_can( 'fcn_privacy_clearance' ) ) {
+    add_filter( 'comment_email', '__return_false', 9999 );
+    add_filter( 'get_comment_author_IP', '__return_empty_string', 9999 );
+    add_filter( 'manage_users_columns', 'fictioneer_hide_users_columns', 9999 );
+    add_filter( 'comment_row_actions', 'fictioneer_remove_quick_edit', 9999 );
+    add_action( 'admin_enqueue_scripts', 'fictioneer_hide_private_data', 9999 );
+  }

 }

--- a/includes/functions/settings/_register_settings.php
+++ b/includes/functions/settings/_register_settings.php
@ -327,13 +327,6 @@ define( 'FICTIONEER_OPTIONS', array(
 			'sanitize_callback' => 'fictioneer_sanitize_checkbox',
      'label' => __( 'Add consent wrappers to embedded content', 'fictioneer' ),
      'default' => false
-    ),
-		'fictioneer_admin_restrict_private_data' => array(
-      'name' => 'fictioneer_admin_restrict_private_data',
-			'group' => 'fictioneer-settings-general-group',
-			'sanitize_callback' => 'fictioneer_sanitize_checkbox',
-      'label' => __( 'Restrict personal data for non-administrators', 'fictioneer' ),
-      'default' => false
    ),
 		'fictioneer_cookie_banner' => array(
      'name' => 'fictioneer_cookie_banner',
--- a/includes/functions/settings/_settings_page_general.php
+++ b/includes/functions/settings/_settings_page_general.php
@ -801,14 +801,6 @@
                  </div>
                </label>

-                <label for="fictioneer_admin_restrict_private_data" class="label-wrapped-checkbox row">
-                  <input name="fictioneer_admin_restrict_private_data" type="checkbox" id="fictioneer_admin_restrict_private_data" <?php echo checked( 1, get_option( 'fictioneer_admin_restrict_private_data' ), false ); ?> value="1">
-                  <div>
-                    <span><?php echo FICTIONEER_OPTIONS['booleans']['fictioneer_admin_restrict_private_data']['label']; ?></span>
-                    <p class="sub-label"><?php _e( 'Hides names, emails, IPs, comment quick edit, and more privacy sensitive data sources.', 'fictioneer' ) ?></p>
-                  </div>
-                </label>
-
                <label for="fictioneer_cookie_banner" class="label-wrapped-checkbox row">
                  <input name="fictioneer_cookie_banner" type="checkbox" id="fictioneer_cookie_banner" <?php echo checked( 1, get_option( 'fictioneer_cookie_banner' ), false ); ?> value="1">
                  <div>
--- a/includes/functions/users/_privacy_security.php
+++ b/includes/functions/users/_privacy_security.php
@ -1,72 +0,0 @@
-<?php
-
-// =============================================================================
-// HIDE PRIVACY SENSITIVE DATA FROM NON-ADMINISTRATORS
-// =============================================================================
-
-/**
- * Remove email and name columns from user table
- *
- * @since Fictioneer 4.7
- *
- * @param array $column_headers Columns to show in the user table.
- *
- * @return array Reduced columns to show in the user table.
- */
-
-function fictioneer_hide_users_columns( $column_headers ) {
-  unset( $column_headers['email'] );
-  unset( $column_headers['name'] );
-  return $column_headers;
-}
-
-/**
- * Remove quick edit from comments table
- *
- * The quick edit form for comments shows unfortunately private data that
- * we want to hide if that setting is enabled.
- *
- * @since Fictioneer 4.7
- *
- * @param array $actions Actions per row in the comments table.
- *
- * @return array Restricted actions per row in the comments table.
- */
-
-function fictioneer_remove_quick_edit( $actions ) {
-  unset( $actions['quickedit'] );
-  return $actions;
-}
-
-/**
- * Remove URL and email fields from comment edit page
- *
- * Since these are not normally accessible, we need to quickly hide them
- * with JavaScript. This is not a great solution but better than nothing.
- *
- * @since Fictioneer 4.7
- */
-
-function fictioneer_hide_private_data() {
-  wp_add_inline_script(
-    'fictioneer-admin-script',
-    "jQuery(function($) {
-      $('.editcomment tr:nth-child(3)').remove();
-      $('.editcomment tr:nth-child(2)').remove();
-    });"
-  );
-}
-
-/**
- * Add filters and action depending on security settings
- */
-
-if ( get_option( 'fictioneer_admin_restrict_private_data' ) && ! current_user_can( 'administrator' ) ) {
-  add_filter( 'manage_users_columns', 'fictioneer_hide_users_columns', 99 );
-  add_filter( 'comment_email', '__return_false', 99 );
-  add_filter( 'get_comment_author_IP', '__return_empty_string', 99 );
-  add_filter( 'comment_row_actions', 'fictioneer_remove_quick_edit', 99 );
-  add_action( 'admin_enqueue_scripts', 'fictioneer_hide_private_data', 99 );
-}
-
-?>