Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature: allow defining of settings capability for more granular access control #1599

Merged
merged 1 commit into from
Oct 9, 2024
Merged

Feature: allow defining of settings capability for more granular access control #1599

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions classes/class-admin.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,11 +110,11 @@ class Admin {
public $view_cap = 'view_stream';

/**
* Capability name for viewing settings
* Capability name for managing settings
*
* @var string
*/
public $settings_cap = 'manage_options';
public $settings_cap = WP_STREAM_SETTINGS_CAPABILITY;

/**
* Total amount of authors to pre-load
Expand Down
2 changes: 1 addition & 1 deletion classes/class-alerts.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ class Alerts {
/**
* Capability required to access alerts.
*/
const CAPABILITY = 'manage_options';
const CAPABILITY = WP_STREAM_SETTINGS_CAPABILITY;

/**
* Holds Instance of plugin object
Expand Down
8 changes: 8 additions & 0 deletions readme.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,14 @@ View the [plugin description on WordPress.org](https://wordpress.org/plugins/str

A list of the connectors is in [connectors.md](connectors.md).

### Configuration

To customize who can manage Stream settings, you can define the `WP_STREAM_SETTINGS_CAPABILITY` constant in your `wp-config.php` file. By default, capability will be set to `manage_options`.

```php
define('WP_STREAM_SETTINGS_CAPABILITY', 'wp_stream_manage_settings');
```

## Known Issues

- We have temporarily disabled the data removal feature through plugin uninstallation, starting with version 3.9.3. We identified a few edge cases that did not behave as expected and we decided that a temporary removal is preferable at this time for such an impactful and irreversible operation. Our team is actively working on refining this feature to ensure it performs optimally and securely. We plan to reintroduce it in a future update with enhanced safeguards.
Expand Down
7 changes: 7 additions & 0 deletions stream.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,13 @@
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/

/**
* Configuration Constants
*/
if ( ! defined( 'WP_STREAM_SETTINGS_CAPABILITY' ) ) {
define( 'WP_STREAM_SETTINGS_CAPABILITY', 'manage_options' );
}

const WP_STREAM_MIN_PHP_VERSION = '7.0';

if ( version_compare( PHP_VERSION, WP_STREAM_MIN_PHP_VERSION, '<' ) ) {
Expand Down