diff --git a/includes/class-gravityview-admin-bar.php b/includes/class-gravityview-admin-bar.php
index abf826b42..d5004c5cd 100644
--- a/includes/class-gravityview-admin-bar.php
+++ b/includes/class-gravityview-admin-bar.php
@@ -127,9 +127,12 @@ function add_edit_entry_link() {
*/
function add_edit_view_and_form_link() {
/** @var WP_Admin_Bar $wp_admin_bar */
- global $wp_admin_bar;
+ global $wp_admin_bar, $post;
- if ( ! GVCommon::has_cap( array( 'edit_gravityviews', 'edit_gravityview', 'gravityforms_edit_forms' ) ) ) {
+ if ( ! GVCommon::has_cap(
+ [ 'edit_gravityviews', 'edit_gravityview', 'gravityforms_edit_forms' ],
+ isset( $post ) ? $post->ID : null
+ ) ) {
return;
}
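Review bot: The object ID passed to `GVCommon::has_cap()` is taken from the global `$post`, which when the admin bar renders is whatever the last loop or plugin left there, not necessarily the View these edit links point to. `isset( $post )` also passes for any non-null value, so `$post->ID` is read without confirming the global is a `WP_Post`. Consider `$post instanceof WP_Post ? $post->ID : null`, or pass the ID the link is actually built for if the rest of the function has one. The body of `add_edit_view_and_form_link()` continues outside this hunk, so I cannot see which ID that would be.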
diff --git a/includes/class-gravityview-change-entry-creator.php b/includes/class-gravityview-change-entry-creator.php
index 7b7cb2fa7..52f96560b 100644
--- a/includes/class-gravityview-change-entry-creator.php
+++ b/includes/class-gravityview-change-entry-creator.php
@@ -4,36 +4,40 @@
* @since 1.2
*/
class GravityView_Change_Entry_Creator {
-
- /*
- * @var int Number of users to show in the select element
+ /**
+ * Number of users to show in the select element.
+ *
+ * @var int
*/
- const DEFAULT_NUMBER_OF_USERS = 100;
+ public const DEFAULT_NUMBER_OF_USERS = 100;
- function __construct() {
+ /**
+ * Initializes the hooks.
+ */
+ public function __construct() {
/**
* @since 1.5.1
*/
- add_action( 'gform_user_registered', array( $this, 'assign_new_user_to_lead' ), 10, 4 );
-
- // ONLY ADMIN FROM HERE ON.
- if ( ! is_admin() ) {
- return;
- }
+ add_action( 'gform_user_registered', array( $this, 'assign_new_user_to_lead' ), 10, 3 );
/**
* Disable the Change Entry Creator functionality.
*
* @since 1.7.4
+ *
* @param boolean $disable Disable the Change Entry Creator functionality. Default: false.
*/
if ( apply_filters( 'gravityview_disable_change_entry_creator', false ) ) {
return;
}
+ add_filter( 'gravityview_entry_default_fields', [ $this, 'register_edit_field' ], 10, 3 );
+ add_filter( 'gravityview/edit_entry/form_fields', [ $this, 'register_created_by_input' ], 10, 3 );
+ add_filter( 'gravityview_field_visibility_caps', [ $this, 'created_by_visibility_caps' ], 15, 3 );
+
/**
- * Use `init` to fix bbPress warning
+ * Use `init` to fix bbPress warning.
*
* @see https://bbpress.trac.wordpress.org/ticket/2309
*/
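Review bot: The removed `// ONLY ADMIN FROM HERE ON.` early return was the only statement in the constructor that limited the later hooks to admin requests, and nothing replaces it to say where authorization now happens. The three filters added here, and whatever the constructor registers after this hunk, are now attached on front-end requests as well, so each callback has to enforce capabilities itself. I would add a comment above the `add_filter` calls, e.g. `// Registered on front-end requests too: every callback below must check capabilities itself.` Please also confirm that `register_edit_field`, `register_created_by_input` and `created_by_visibility_caps` do so; their bodies are not in this hunk.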
@@ -41,7 +45,7 @@ function __construct() {
add_action( 'plugins_loaded', array( $this, 'prevent_conflicts' ) );
- // Enqueue and allow selectWoo UI assets
+ // Enqueue and allow selectWoo UI assets.
add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_selectwoo_assets' ) );
add_filter( 'gform_noconflict_scripts', array( $this, 'register_gform_noconflict' ) );
add_filter( 'gform_noconflict_styles', array( $this, 'register_gform_noconflict' ) );
@@ -55,13 +59,13 @@ function __construct() {
*
* @since 2.9.1
*/
- function enqueue_selectwoo_assets() {
+ public function enqueue_selectwoo_assets() {
if ( ! class_exists( 'GFForms' ) ) {
return;
}
- if ( ! in_array( GFForms::get_page(), array( 'entry_detail_edit' ) ) ) {
+ if ( GFForms::get_page() !== 'entry_detail_edit' ) {
return;
}
@@ -76,7 +80,12 @@ function enqueue_selectwoo_assets() {
wp_enqueue_script( 'gravityview_selectwoo', plugins_url( 'assets/lib/selectWoo/selectWoo.full.min.js', GRAVITYVIEW_FILE ), array(), $version );
wp_enqueue_style( 'gravityview_selectwoo', plugins_url( 'assets/lib/selectWoo/selectWoo.min.css', GRAVITYVIEW_FILE ), array(), $version );
- wp_enqueue_script( 'gravityview_entry_creator', plugins_url( 'assets/js/admin-entry-creator' . $script_debug . '.js', GRAVITYVIEW_FILE ), array( 'jquery', 'gravityview_selectwoo' ), $version );
+ wp_enqueue_script(
+ 'gravityview_entry_creator',
+ plugins_url( 'assets/js/admin-entry-creator' . $script_debug . '.js', GRAVITYVIEW_FILE ),
+ [ 'jquery', 'gravityview_selectwoo' ],
+ $version
+ );
wp_localize_script(
'gravityview_entry_creator',
@@ -97,7 +106,7 @@ function enqueue_selectwoo_assets() {
*
* @since 2.9.1
*/
- function entry_creator_get_users() {
+ public function entry_creator_get_users() {
$post_var = wp_parse_args(
wp_unslash( $_POST ),
@@ -131,17 +140,18 @@ function entry_creator_get_users() {
}
/**
- * When an user is created using the User Registration add-on, assign the entry to them
+ * When a user is created using the User Registration add-on, assign the entry to them.
*
* @since 1.5.1
- * @param int $user_id WordPress User ID
- * @param array $config User registration feed configuration
- * @param array $entry GF Entry array
- * @param string $password User password
+ *
+ * @param int $user_id WordPress User ID.
+ * @param array $config User registration feed configuration.
+ * @param array $entry GF Entry array.
+ *
* @return void
- * @uses RGFormsModel::update_lead_property() Modify the entry `created_by` field
+ * @uses RGFormsModel::update_lead_property() Modify the entry `created_by` field.
*/
- function assign_new_user_to_lead( $user_id, $config, $entry = array(), $password = '' ) {
+ public function assign_new_user_to_lead( $user_id, $config, $entry = array() ) {
/**
* Disable assigning the new user to the entry by returning false.
@@ -152,12 +162,12 @@ function assign_new_user_to_lead( $user_id, $config, $entry = array(), $password
*/
$assign_to_lead = apply_filters( 'gravityview_assign_new_user_to_entry', true, $user_id, $config, $entry );
- // If filter returns false, do not process
+ // If filter returns false, do not process.
if ( empty( $assign_to_lead ) ) {
return;
}
- // Update the entry. The `false` prevents checking Akismet; `true` disables the user updated hook from firing
+ // Update the entry. The `false` prevents checking Akismet; `true` disables the user updated hook from firing.
$result = RGFormsModel::update_entry_property( (int) $entry['id'], 'created_by', (int) $user_id, false, true );
if ( false === $result ) {
@@ -166,7 +176,8 @@ function assign_new_user_to_lead( $user_id, $config, $entry = array(), $password
$note = sprintf( '%s: Failed to assign User ID #%d as the entry creator (Last database error: "%s")', $status, $user_id, $wpdb->last_error );
} else {
$status = __( 'Success', 'gk-gravityview' );
- $note = sprintf( _x( '%1$s: Assigned User ID #%2$d as the entry creator.', 'First parameter: Success or error of the action. Second: User ID number', 'gk-gravityview' ), $status, $user_id );
+ // Translators: %1$s contains either `Success` or `error`, and %2$d contains the User ID.
+ $note = sprintf( _x( '%1$s: Assigned User ID #%2$d as the entry creator.', 'First parameter: Success or error of the action. Second: User ID number', 'gk-gravityview' ), $status, $user_id );
}
gravityview()->log->debug( 'GravityView_Change_Entry_Creator[assign_new_user_to_lead] - {note}', array( 'note' => $note ) );
@@ -175,6 +186,7 @@ function assign_new_user_to_lead( $user_id, $config, $entry = array(), $password
* Disable adding a note when changing the entry creator.
*
* @since 1.21.5
+ *
* @param boolean $disable Disable the Change Entry Creator note. Default: false.
*/
if ( apply_filters( 'gravityview_disable_change_entry_creator_note', false ) ) {
@@ -189,19 +201,48 @@ function assign_new_user_to_lead( $user_id, $config, $entry = array(), $password
*
* @return void
*/
- function prevent_conflicts() {
-
- // Plugin that was provided here:
- // @link https://www.gravitykit.com/support/documentation/201991205/
+ public function prevent_conflicts() {
+ /**
+ * Plugin that was provided here:
+ *
+ * @link https://www.gravitykit.com/support/documentation/201991205/
+ */
remove_action( 'gform_entry_info', 'gravityview_change_entry_creator_form', 10 );
remove_action( 'gform_after_update_entry', 'gravityview_update_entry_creator', 10 );
}
+ /**
+ * Whether the current user has the rights to edit the entry creator.
+ *
+ * @since $ver$
+ *
+ * @return bool Whether the user has rights.
+ */
+ private function is_user_allowed(): bool {
+ if ( ! GVCommon::has_cap( 'list_users' ) ) {
+ return false;
+ }
+
+ // Can the user edit entries?
+ if ( ! GVCommon::has_cap(
+ [
+ 'gravityforms_edit_entries',
+ 'gravityview_edit_entries',
+ 'gravityview_edit_others_entries',
+ 'gravityview_edit_form_entries',
+ ]
+ ) ) {
+ return false;
+ }
+
+ return true;
+ }
+
/**
* @since 3.6.3
* @return void
*/
- function load() {
+ public function load() {
// Does GF exist?
if ( ! class_exists( 'GFCommon' ) ) {
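Review bot: `is_user_allowed()` calls `GVCommon::has_cap()` without an object ID, so `gravityview_edit_others_entries` and `gravityview_edit_form_entries` are evaluated globally rather than for the entry whose creator is being changed. The first hunk of this diff passes a post ID as the second argument; if that parameter is the object the capability is checked against, accepting an optional entry ID here and forwarding it would tie the decision to the entry. The docblock should state that `list_users` is required in addition to the edit capabilities, and whether the array form means any-of or all-of (I assume any-of; please confirm). `@since $ver$` also needs a real version unless the build replaces the token.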
@@ -209,21 +250,28 @@ function load() {
}
// Can the user edit entries?
- if ( ! GVCommon::has_cap( array( 'gravityforms_edit_entries', 'gravityview_edit_entries' ) ) ) {
+ if ( ! $this->is_user_allowed() ) {
return;
}
- // If screen mode isn't set, then we're in the wrong place.
- if ( empty( $_REQUEST['screen_mode'] ) ) {
+ /**
+ * If screen mode isn't set, then we're in the wrong place.
+ * But if we posted a valid nonce, then we are legit.
+ */
+ if (
+ empty( $_REQUEST['screen_mode'] )
+ && (
+ ! rgpost( 'gv_entry_creator_nonce' )
+ || ! wp_verify_nonce( rgpost( 'gv_entry_creator_nonce' ), 'gv_entry_creator' )
+ )
+ ) {
return;
}
// Now, no validation is required in the methods; let's hook in.
- add_action( 'admin_init', array( &$this, 'set_screen_mode' ) );
-
- add_action( 'gform_entry_info', array( &$this, 'add_select' ), 10, 2 );
-
- add_action( 'gform_after_update_entry', array( &$this, 'update_entry_creator' ), 10, 2 );
+ add_action( 'admin_init', [ $this, 'set_screen_mode' ] );
+ add_action( 'gform_entry_info', [ $this, 'add_select' ], 10, 2 );
+ add_action( 'gform_after_update_entry', [ $this, 'update_entry_creator' ], 10, 3 );
}
/**
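Review bot: The nonce is only consulted when `screen_mode` is empty, so any non-empty `screen_mode` in `$_REQUEST` reaches the `add_action` calls without `wp_verify_nonce()` running. That was acceptable while the constructor returned early outside the admin, but this diff removes that `is_admin()` return, so the branch may now be reachable on front-end requests (how `load()` is hooked is outside this hunk). If `screen_mode` is only meant to count on the admin entry screen, restrict it: `if ( ! ( is_admin() && ! empty( $_REQUEST['screen_mode'] ) ) && ! wp_verify_nonce( (string) rgpost( 'gv_entry_creator_nonce' ), 'gv_entry_creator' ) ) { return; }`. `wp_verify_nonce()` already returns false for an empty value, so the separate `! rgpost( ... )` test can go. The context comment `// Now, no validation is required in the methods` should be reworded, since the hooked methods now run under weaker preconditions than before.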
@@ -231,50 +279,54 @@ function load() {
*
* @return void
*/
- function set_screen_mode() {
+ public function set_screen_mode() {
if ( 'view' === \GV\Utils::_POST( 'screen_mode' ) ) {
return;
}
- // If $_GET['screen_mode'] is set to edit, set $_POST value
+ // If $_GET['screen_mode'] is set to edit, set $_POST value.
if ( 'edit' === \GV\Utils::_GET( 'screen_mode' ) ) {
$_POST['screen_mode'] = 'edit';
}
}
/**
- * When the entry creator is changed, add a note to the entry
+ * When the entry creator is changed, add a note to the entry.
+ *
+ * @param array $form GF entry array.
+ * @param int $entry_id Entry ID.
+ * @param array $original_entry The entry before updating.
*
- * @param array $form GF entry array
- * @param int $entry_id Entry ID
* @return void
*/
- function update_entry_creator( $form, $entry_id ) {
+ public function update_entry_creator( $form, $entry_id, array $original_entry ) {
global $current_user;
- // Update the entry
+ // Update the entry.
$created_by = absint( \GV\Utils::_POST( 'created_by' ) );
RGFormsModel::update_lead_property( $entry_id, 'created_by', $created_by );
// If the creator has changed, let's add a note about who it used to be.
- $originally_created_by = \GV\Utils::_POST( 'originally_created_by' );
+ $originally_created_by = rgar( $original_entry, 'created_by' );
- // If there's no owner and there didn't used to be, keep going
+ // If there's no owner and there didn't used to be, keep going.
if ( empty( $originally_created_by ) && empty( $created_by ) ) {
return;
}
- // If the values have changed
+ // If the values have changed.
if ( absint( $originally_created_by ) !== absint( $created_by ) ) {
$user_data = get_userdata( $current_user->ID );
+ // Translators: %1$s contains the user's name, and %2$d contains the user ID.
$user_format = _x( '%1$s (ID #%2$d)', 'The name and the ID of users who initiated changes to entry ownership', 'gk-gravityview' );
- $original_name = $created_by_name = esc_attr_x( 'No User', 'To show that the entry was unassigned from an actual user to no user.', 'gk-gravityview' );
+ $created_by_name = esc_attr_x( 'No User', 'To show that the entry was unassigned from an actual user to no user.', 'gk-gravityview' );
+ $original_name = $created_by_name;
if ( ! empty( $originally_created_by ) ) {
$originally_created_by_user_data = get_userdata( $originally_created_by );
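Review bot: `update_entry_creator()` writes `absint( \GV\Utils::_POST( 'created_by' ) )` unconditionally, so a request that reaches this callback without a `created_by` field stores 0 and clears the entry's creator. Nothing in the visible lines checks that the field was submitted or that the ID belongs to an existing user. Since `load()` now appears able to hook this outside the admin entry screen, add a guard before the update such as `if ( ! isset( $_POST['created_by'] ) ) { return; }`, plus a `get_userdata()` check for non-zero IDs, so an incomplete form cannot reassign ownership. Separately, the new `array $original_entry` parameter has no default, so any code firing `gform_after_update_entry` with two arguments would raise an ArgumentCountError; `array $original_entry = []` avoids that. The function body continues past this hunk.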
@@ -292,28 +344,22 @@ function update_entry_creator( $form, $entry_id ) {
esc_attr_x( 'Deleted User', 'To show that the entry was created by a no longer existing user.', 'gk-gravityview' );
}
+ // Translators: %1$s contains the original user's name, %2$s contains the new user's name.
GravityView_Entry_Notes::add_note( $entry_id, $current_user->ID, $user_data->display_name, sprintf( __( 'Changed entry creator from %1$s to %2$s', 'gk-gravityview' ), $original_name, $created_by_name ), 'note' );
}
}
/**
- * Output select element used to change the entry creator
+ * Returns the HTML for the user select field.
*
- * @param int $form_id GF Form ID
- * @param array $entry GF entry array
+ * @since $ver$
*
- * @return void
+ * @param array $entry The entry object.
+ *
+ * @return string The HTML.
*/
- function add_select( $form_id, $entry ) {
-
- if ( 'edit' !== \GV\Utils::_POST( 'screen_mode' ) ) {
- return;
- }
-
- $output = '';
- $output .= '