GM-Alex / user-access-manager

Official mirror of https://plugins.svn.wordpress.org/user-access-manager/

How to use an UAM function from within a theme/excerpt.php #238

Open Trebly opened 6 years ago

Trebly commented 6 years ago

Hello,

Sorry, it is the third message with the same basic subject. I will try to be simpler and more precise:

How can I use UAM from the "excerpt.php" code of a theme (I have naturally a current post and a current user and I want to know if UAM gives access to the post). Secondarily I would like to be able to get the corresponding "capabilities".

That is all (maybe not as simple as I suppose).

If I have read the code of the nextgen example and got the principles, I am fully unable to imagine how I can do what I have described above and more unable to implement something that can work quickly. I thought I could invoke easily an UAM function like checkObjectAccess from this php code when the whole context of "post management" is active.

Best regards Trebly


note: it is urgent because I am quite ready to launch my site but I cannot, because the lists (of excerpts) contain the excerpts of documents which are not ready, documents published to be read only by the author etc., documents which will be well locked by UAM for display for visitor or subscriber, 90%...

GM-Alex commented 6 years ago

Hi,

The following code will check if the current user has access to the given post:

```php
/** @var \UserAccessManager\UserAccessManager $UserAccessManager */
global $UserAccessManager;

// In a theme template such as excerpt.php, $post is the current post
$accessHandler = $UserAccessManager->getAccessHandler();
// Keep the result so the template can branch on it
$hasAccess = $accessHandler->checkObjectAccess($post->post_type, $post->ID);
```

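I'm not sure in which context you need the capabilities; these are normally provided by WordPress. You can receive them like that:

```php
global $wpdb;
// Capabilities are stored in user meta under "<table prefix>capabilities"
$capabilitiesTable = $wpdb->prefix.'capabilities';
// $id is the ID of the user to look up
$user = get_userdata($id);
// Fall back to an empty list when the user or the meta entry does not exist
$capabilities = (isset($user->{$capabilitiesTable}) === true) ? $user->{$capabilitiesTable} : [];
```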

I hope that helps.

Trebly commented 6 years ago

Hi,

Thanks for this quick answer.

I have tested, there is no problem, it is now integrated into my code. This is for the first part.

For the second part, the capabilities: I have probably not explained well what I mean. This is for development thoughts. With the code that you propose I will get the capabilities of the current user (but with user[0], a visitor, capabilities are normally [] - see note 1). I know this quite well.

What I mean is that when the object (here an article or page post) is checked by UAM (UAM checkObjectAccess) there are inherited capabilities by UAM, inherited from the current UAM groups to which the post is attached.

There are three types of capabilities to consider in my way of viewing this problem:

What I should wish to be able to do and use: show or not show some data, buttons, links, depending on the capabilities drained by uam and user capabilities known by native wp. This is for a part implemented into my theme. But for example I use (current_user_can('editor') || ...) to show or not a block which contains data and links to edit/write the document, but this is regardless of uam-groups... Currently for example I cannot control the view of do_shortcode("[post_view]") for something which is not linked at all to UAM, this for example. With the direct check of uam-read access and the capabilities of the user I can check now (since this morning), if the user does not have uam-access, whether he nevertheless has or not the visibility of excerpts of some post (I have defined the custom capability "read-excerpt"), while a simple visitor has not, for example. If true I display a special excerpt, if not I exit and do not show anything about the post.

Sorry for the length but I try to explain the best way something which seems complex.

Then by comparison of capabilities drained by uam (currently access or not) and user full capabilities I can decide a lot of things for the UI.

Best regards Trebly


note 1 : I have added a function to UserHandler : "check_visitor_role". This function sets (dynamically) the roles "person" and "uam-visitor" and linked capabilities to a user->ID=0. It is called by "getUserRole" when user->ID=0. This allows to manage easily the displays for the visitor as for my old patched version.

note 2 : uam can be seen as a filter of capabilities, adding some, for groups of objects (those attached to uam groups) , read write and so on. The developer can then use these capabilities to decide what to do in details with the result of this filter of capabilities on an object instance.

note 3 : added : during checks I just met the exact case about capabilities inherited and user capabilities: I have a user 'subscriber+' which has the current capability to read excerpts of all posts, but for one document which is associated to the alone 'subscriber-' who does not have the right to see any excerpt: do I show or not the excerpt? Do I consider that subscriber+ inherits the rights of subscriber-, but what are his rights on documents associated by uam group to subscriber- only? Another case is 'subscriber+' which can see excerpts of some posts to which he has no full read access, but not all posts. I must find and use a way to lock the excerpt view of other posts which answer to other uam-groups. I have no answer nor proposal (not found the logical process of decision) for this case with our tools. Then for now the point that I reached is to show the excerpt only to whoever has an uam access allowed. It is a major point.
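
An added example, not code from this thread or from the UAM project: one way an `excerpt.php` template could combine the `checkObjectAccess` call from the answer above with the custom `read-excerpt` capability described in the follow-up. The helper name `theme_excerpt_visibility()` and the markup are hypothetical, and `checkObjectAccess` is assumed to return a boolean; the helper fails closed when the plugin is not loaded, so deactivating UAM does not expose restricted excerpts.

```php
<?php
/**
 * Decide what excerpt.php may render for a post: 'full', 'teaser' or 'none'.
 * Hypothetical theme helper, not part of UAM.
 */
function theme_excerpt_visibility(?WP_Post $post): string
{
    /** @var \UserAccessManager\UserAccessManager $UserAccessManager */
    global $UserAccessManager;

    // Fail closed: no post, or plugin deactivated / not loaded yet
    if ($post === null
        || !is_object($UserAccessManager)
        || !method_exists($UserAccessManager, 'getAccessHandler')
    ) {
        return 'none';
    }

    // Assumption: checkObjectAccess() returns true only when access is granted
    $accessHandler = $UserAccessManager->getAccessHandler();
    if ($accessHandler->checkObjectAccess($post->post_type, $post->ID) === true) {
        return 'full';
    }

    // No UAM access: only the custom "read-excerpt" capability allows a teaser.
    // current_user_can() is false for visitors who are not logged in.
    return current_user_can('read-excerpt') ? 'teaser' : 'none';
}

// Inside the loop, at the top of excerpt.php:
$visibility = theme_excerpt_visibility(get_post());
if ($visibility === 'none') {
    return; // leave the template before any title or excerpt is printed
}
?>
<article id="post-<?php the_ID(); ?>">
    <h2><?php echo esc_html(get_the_title()); ?></h2>
    <?php if ($visibility === 'full') : ?>
        <?php the_excerpt(); ?>
    <?php else : ?>
        <p>This document is restricted; only a short notice is shown.</p>
    <?php endif; ?>
</article>
```

Editor blocks that link to edit or write actions should be gated on the `'full'` result as well as on the role check, so they do not appear for posts the user cannot open.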