multisite UX, see #11644, add manage_ caps for super_admin, fixes #11803

git-svn-id: http://svn.automattic.com/wordpress/trunk@13301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
wpmuguru 2010-02-22 18:41:38 +00:00
parent 10ee577b12
commit a5a9f32b73
9 changed files with 62 additions and 24 deletions


@ -652,7 +652,7 @@ function site_admin_notice() {
return false; return false;
printf("<div id='update-nag'>" . __("Hi %s! You're logged in as a site administrator.") . "</div>", $current_user->user_login); printf("<div id='update-nag'>" . __("Hi %s! You're logged in as a site administrator.") . "</div>", $current_user->user_login);
if ( get_site_option( 'wpmu_upgrade_site' ) != $wp_db_version ) { if ( get_site_option( 'wpmu_upgrade_site' ) != $wp_db_version ) {
echo "<div id='update-nag'>" . __( 'Thank you for Upgrading! Please visit the <a href="ms-upgrade-site.php">Upgrade Site</a> page to update all your blogs.' ) . "</div>"; echo "<div id='update-nag'>" . __( 'Thank you for Upgrading! Please visit the <a href="ms-upgrade-network.php">Upgrade Network</a> page to update all your blogs.' ) . "</div>";
} }
} }
add_action( 'admin_notices', 'site_admin_notice' ); add_action( 'admin_notices', 'site_admin_notice' );


@ -27,14 +27,14 @@ $awaiting_mod = $awaiting_mod->moderated;
if ( is_multisite() && is_super_admin() ) { if ( is_multisite() && is_super_admin() ) {
/* translators: Network menu item */ /* translators: Network menu item */
$menu[0] = array(__('Network'), 'super_admin', 'ms-admin.php', '', 'menu-top menu-top-first', 'menu-site', 'div'); $menu[0] = array(__('Network'), 'manage_network', 'ms-admin.php', '', 'menu-top menu-top-first', 'menu-site', 'div');
$submenu[ 'ms-admin.php' ][1] = array( __('Admin'), 'super_admin', 'ms-admin.php' ); $submenu[ 'ms-admin.php' ][1] = array( __('Admin'), 'manage_network', 'ms-admin.php' );
/* translators: Sites menu item */ /* translators: Sites menu item */
$submenu[ 'ms-admin.php' ][5] = array( __('Sites'), 'super_admin', 'ms-sites.php' ); $submenu[ 'ms-admin.php' ][5] = array( __('Sites'), 'manage_sites', 'ms-sites.php' );
$submenu[ 'ms-admin.php' ][10] = array( __('Users'), 'super_admin', 'ms-users.php' ); $submenu[ 'ms-admin.php' ][10] = array( __('Users'), 'manage_network_users', 'ms-users.php' );
$submenu[ 'ms-admin.php' ][20] = array( __('Themes'), 'super_admin', 'ms-themes.php' ); $submenu[ 'ms-admin.php' ][20] = array( __('Themes'), 'manage_network_themes', 'ms-themes.php' );
$submenu[ 'ms-admin.php' ][25] = array( __('Options'), 'super_admin', 'ms-options.php' ); $submenu[ 'ms-admin.php' ][25] = array( __('Options'), 'manage_network_options', 'ms-options.php' );
$submenu[ 'ms-admin.php' ][30] = array( __('Upgrade'), 'super_admin', 'ms-upgrade-site.php' ); $submenu[ 'ms-admin.php' ][30] = array( __('Upgrade'), 'manage_network', 'ms-upgrade-network.php' );
$menu[1] = array( '', 'read', 'separator1', '', 'wp-menu-separator' ); $menu[1] = array( '', 'read', 'separator1', '', 'wp-menu-separator' );
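Review bot: The enclosing `if ( is_multisite() && is_super_admin() ) {` on the first line of this hunk is left unchanged, so the new per-item capabilities (`manage_network`, `manage_sites`, `manage_network_users`, …) are only ever evaluated for super admins, while the page files in this commit now gate on `current_user_can()`. If these capabilities are meant to be delegable, the menu and the pages will disagree about who may reach them. Either switch the guard to `if ( is_multisite() && current_user_can( 'manage_network' ) ) {` or add a comment such as `/* menu stays super-admin only; the manage_* caps are checked again in each ms-*.php page */` so the asymmetry is deliberate and documented. The block's closing brace is outside the hunk, and whether any non-super-admin can hold these capabilities is not visible here.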


@ -14,7 +14,7 @@ add_action( 'admin_head', 'index_css' );
require_once('admin-header.php'); require_once('admin-header.php');
if ( !is_super_admin() ) if ( ! current_user_can( 'manage_network' ) )
wp_die( __('You do not have permission to access this page.') ); wp_die( __('You do not have permission to access this page.') );
global $wpdb; global $wpdb;
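Review bot: The capability check still runs after `require_once('admin-header.php');`, so the admin header and anything hooked into it (the hunk header shows an `admin_head` action registered just above) executes for a user who is then refused. Moving `if ( ! current_user_can( 'manage_network' ) ) wp_die( __('You do not have permission to access this page.') );` above the `require_once` makes the denial happen before any page code runs. The same ordering appears in the later sections that check `manage_network_options`, `manage_sites`, `manage_network_themes` and `manage_network_users`, and in the Upgrade Network page. What admin-header.php does is not shown here, so the practical exposure should be confirmed against that file.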


@ -4,9 +4,6 @@ require_once('admin.php');
if ( !is_multisite() ) if ( !is_multisite() )
wp_die( __('Multisite support is not enabled.') ); wp_die( __('Multisite support is not enabled.') );
if ( !is_super_admin() )
wp_die( __('You do not have permission to access this page.') );
do_action('wpmuadminedit', ''); do_action('wpmuadminedit', '');
if ( isset($_GET[ 'id' ]) ) if ( isset($_GET[ 'id' ]) )
@ -20,6 +17,9 @@ if ( isset( $_POST['ref'] ) == false && !empty($_SERVER['HTTP_REFERER']) )
switch ( $_GET['action'] ) { switch ( $_GET['action'] ) {
case "siteoptions": case "siteoptions":
check_admin_referer('siteoptions'); check_admin_referer('siteoptions');
if ( ! current_user_can( 'manage_network_options' ) )
wp_die( __('You do not have permission to access this page.') );
if ( empty( $_POST ) ) if ( empty( $_POST ) )
wp_die( __("You probably need to go back to the <a href='ms-options.php'>options page</a>") ); wp_die( __("You probably need to go back to the <a href='ms-options.php'>options page</a>") );
@ -137,6 +137,9 @@ switch ( $_GET['action'] ) {
case "addblog": case "addblog":
check_admin_referer('add-blog'); check_admin_referer('add-blog');
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') );
if ( is_array( $_POST[ 'blog' ] ) == false ) if ( is_array( $_POST[ 'blog' ] ) == false )
wp_die( "Can't create an empty blog." ); wp_die( "Can't create an empty blog." );
$blog = $_POST['blog']; $blog = $_POST['blog'];
@ -187,6 +190,9 @@ switch ( $_GET['action'] ) {
case "updateblog": case "updateblog":
check_admin_referer('editblog'); check_admin_referer('editblog');
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') );
if ( empty( $_POST ) ) if ( empty( $_POST ) )
wp_die( __('You probably need to go back to the <a href="ms-sites.php">sites page</a>') ); wp_die( __('You probably need to go back to the <a href="ms-sites.php">sites page</a>') );
@ -288,6 +294,9 @@ switch ( $_GET['action'] ) {
case "deleteblog": case "deleteblog":
check_admin_referer('deleteblog'); check_admin_referer('deleteblog');
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') );
if ( $id != '0' && $id != $current_site->blog_id ) if ( $id != '0' && $id != $current_site->blog_id )
wpmu_delete_blog( $id, true ); wpmu_delete_blog( $id, true );
@ -297,6 +306,9 @@ switch ( $_GET['action'] ) {
case "allblogs": case "allblogs":
check_admin_referer('allblogs'); check_admin_referer('allblogs');
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') );
foreach ( (array) $_POST[ 'allblogs' ] as $key => $val ) { foreach ( (array) $_POST[ 'allblogs' ] as $key => $val ) {
if ( $val != '0' && $val != $current_site->blog_id ) { if ( $val != '0' && $val != $current_site->blog_id ) {
if ( isset($_POST['allblog_delete']) ) { if ( isset($_POST['allblog_delete']) ) {
@ -320,6 +332,9 @@ switch ( $_GET['action'] ) {
case "archiveblog": case "archiveblog":
check_admin_referer('archiveblog'); check_admin_referer('archiveblog');
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') );
update_blog_status( $id, "archived", '1' ); update_blog_status( $id, "archived", '1' );
do_action( "archive_blog", $id ); do_action( "archive_blog", $id );
wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'archive'), $_POST['ref'] ) ); wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'archive'), $_POST['ref'] ) );
@ -328,6 +343,9 @@ switch ( $_GET['action'] ) {
case "unarchiveblog": case "unarchiveblog":
check_admin_referer('unarchiveblog'); check_admin_referer('unarchiveblog');
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') );
do_action( "unarchive_blog", $id ); do_action( "unarchive_blog", $id );
update_blog_status( $id, "archived", '0' ); update_blog_status( $id, "archived", '0' );
wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'unarchive'), $_POST['ref'] ) ); wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'unarchive'), $_POST['ref'] ) );
@ -336,6 +354,9 @@ switch ( $_GET['action'] ) {
case "activateblog": case "activateblog":
check_admin_referer('activateblog'); check_admin_referer('activateblog');
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') );
update_blog_status( $id, "deleted", '0' ); update_blog_status( $id, "deleted", '0' );
do_action( "activate_blog", $id ); do_action( "activate_blog", $id );
wp_redirect( add_query_arg( "updated", array('updated' => 'true', 'action' => 'activate'), $_POST['ref'] ) ); wp_redirect( add_query_arg( "updated", array('updated' => 'true', 'action' => 'activate'), $_POST['ref'] ) );
@ -344,6 +365,9 @@ switch ( $_GET['action'] ) {
case "deactivateblog": case "deactivateblog":
check_admin_referer('deactivateblog'); check_admin_referer('deactivateblog');
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') );
do_action( "deactivate_blog", $id ); do_action( "deactivate_blog", $id );
update_blog_status( $id, "deleted", '1' ); update_blog_status( $id, "deleted", '1' );
wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'deactivate'), $_POST['ref'] ) ); wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'deactivate'), $_POST['ref'] ) );
@ -352,6 +376,9 @@ switch ( $_GET['action'] ) {
case "unspamblog": case "unspamblog":
check_admin_referer('unspamblog'); check_admin_referer('unspamblog');
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') );
update_blog_status( $id, "spam", '0' ); update_blog_status( $id, "spam", '0' );
wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'unspam'), $_POST['ref'] ) ); wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'unspam'), $_POST['ref'] ) );
exit(); exit();
@ -359,6 +386,9 @@ switch ( $_GET['action'] ) {
case "spamblog": case "spamblog":
check_admin_referer('spamblog'); check_admin_referer('spamblog');
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') );
update_blog_status( $id, "spam", '1' ); update_blog_status( $id, "spam", '1' );
wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'spam'), $_POST['ref'] ) ); wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'spam'), $_POST['ref'] ) );
exit(); exit();
@ -381,6 +411,9 @@ switch ( $_GET['action'] ) {
// Themes // Themes
case "updatethemes": case "updatethemes":
if ( ! current_user_can( 'manage_network_themes' ) )
wp_die( __('You do not have permission to access this page.') );
if ( is_array( $_POST['theme'] ) ) { if ( is_array( $_POST['theme'] ) ) {
$themes = get_themes(); $themes = get_themes();
reset( $themes ); reset( $themes );
@ -438,6 +471,9 @@ switch ( $_GET['action'] ) {
case "allusers": case "allusers":
check_admin_referer('allusers'); check_admin_referer('allusers');
if ( ! current_user_can( 'manage_network_users' ) )
wp_die( __('You do not have permission to access this page.') );
if ( isset($_POST['alluser_delete']) ) { if ( isset($_POST['alluser_delete']) ) {
require_once('admin-header.php'); require_once('admin-header.php');
echo '<div class="wrap" style="position:relative;">'; echo '<div class="wrap" style="position:relative;">';
@ -487,6 +523,8 @@ switch ( $_GET['action'] ) {
case "adduser": case "adduser":
check_admin_referer('add-user'); check_admin_referer('add-user');
if ( ! current_user_can( 'manage_network_users' ) )
wp_die( __('You do not have permission to access this page.') );
if ( is_array( $_POST[ 'user' ] ) == false ) if ( is_array( $_POST[ 'user' ] ) == false )
wp_die( __( "Cannot create an empty user." ) ); wp_die( __( "Cannot create an empty user." ) );
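Review bot: Removing the file-level `is_super_admin()` check in the first hunk turns this handler from deny-by-default into allow-unless-a-case-checks. `do_action('wpmuadminedit', '');` now fires before any capability test, and any `case` of the switch that lies outside these hunks would run with no authorization check of its own. Callbacks hooked to `wpmuadminedit` could previously assume a super admin; after this change they presumably run for any user who gets past admin.php. I would keep a coarse gate above the `do_action`, e.g. `if ( ! current_user_can( 'manage_network' ) ) wp_die( __('You do not have permission to access this page.') );`, or failing that make sure every remaining case carries its own check, and keep the finer per-case checks added here. The cases between the hunks are not visible, so which of them lack a check has to be confirmed against the full file.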


@ -9,7 +9,7 @@ $parent_file = 'ms-admin.php';
include('admin-header.php'); include('admin-header.php');
if ( !is_super_admin() ) if ( ! current_user_can( 'manage_network_options' ) )
wp_die( __('You do not have permission to access this page.') ); wp_die( __('You do not have permission to access this page.') );
if (isset($_GET['updated'])) { if (isset($_GET['updated'])) {


@ -11,7 +11,7 @@ wp_enqueue_script( 'admin-forms' );
require_once('admin-header.php'); require_once('admin-header.php');
if ( !is_super_admin() ) if ( ! current_user_can( 'manage_sites' ) )
wp_die( __('You do not have permission to access this page.') ); wp_die( __('You do not have permission to access this page.') );
$id = isset($_GET['id']) ? intval( $_GET['id'] ) : 0; $id = isset($_GET['id']) ? intval( $_GET['id'] ) : 0;


@ -5,7 +5,7 @@ $title = __('WordPress &rsaquo; Admin &rsaquo; Themes');
$parent_file = 'ms-admin.php'; $parent_file = 'ms-admin.php';
require_once('admin-header.php'); require_once('admin-header.php');
if ( !is_super_admin() ) if ( ! current_user_can( 'manage_network_themes' ) )
wp_die( __('You do not have permission to access this page.') ); wp_die( __('You do not have permission to access this page.') );
if ( isset($_GET['updated']) ) { if ( isset($_GET['updated']) ) {


@ -6,16 +6,16 @@ if ( !is_multisite() )
require_once( ABSPATH . WPINC . '/http.php' ); require_once( ABSPATH . WPINC . '/http.php' );
$title = __('Upgrade Site'); $title = __('Upgrade Network');
$parent_file = 'ms-admin.php'; $parent_file = 'ms-admin.php';
require_once('admin-header.php'); require_once('admin-header.php');
if ( !is_super_admin() ) if ( ! current_user_can( 'manage_network' ) )
wp_die( __('You do not have permission to access this page.') ); wp_die( __('You do not have permission to access this page.') );
echo '<div class="wrap">'; echo '<div class="wrap">';
screen_icon(); screen_icon();
echo '<h2>'.__('Upgrade Site').'</h2>'; echo '<h2>'.__('Upgrade Network').'</h2>';
$action = isset($_GET['action']) ? $_GET['action'] : 'show'; $action = isset($_GET['action']) ? $_GET['action'] : 'show';
@ -43,11 +43,11 @@ switch ( $action ) {
} }
} }
echo "</ul>"; echo "</ul>";
?><p><?php _e("If your browser doesn't start loading the next page automatically click this link:"); ?> <a class="button" href="ms-upgrade-site.php?action=upgrade&amp;n=<?php echo ($n + 5) ?>"><?php _e("Next Blogs"); ?></a></p> ?><p><?php _e("If your browser doesn't start loading the next page automatically click this link:"); ?> <a class="button" href="ms-upgrade-network.php?action=upgrade&amp;n=<?php echo ($n + 5) ?>"><?php _e("Next Sites"); ?></a></p>
<script type='text/javascript'> <script type='text/javascript'>
<!-- <!--
function nextpage() { function nextpage() {
location.href = "ms-upgrade-site.php?action=upgrade&n=<?php echo ($n + 5) ?>"; location.href = "ms-upgrade-network.php?action=upgrade&n=<?php echo ($n + 5) ?>";
} }
setTimeout( "nextpage()", 250 ); setTimeout( "nextpage()", 250 );
//--> //-->
@ -58,8 +58,8 @@ switch ( $action ) {
break; break;
case 'show': case 'show':
default: default:
?><p><?php _e("You can upgrade all the blogs on your site through this page. It works by calling the upgrade script of each blog automatically. Hit the link below to upgrade."); ?></p> ?><p><?php _e("You can upgrade all the sites on your network through this page. It works by calling the upgrade script of each site automatically. Hit the link below to upgrade."); ?></p>
<p><a class="button" href="ms-upgrade-site.php?action=upgrade"><?php _e("Upgrade Site"); ?></a></p><?php <p><a class="button" href="ms-upgrade-network.php?action=upgrade"><?php _e("Upgrade Network"); ?></a></p><?php
do_action( 'wpmu_upgrade_page' ); do_action( 'wpmu_upgrade_page' );
break; break;
} }
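Review bot: The upgrade run is started by a plain GET link (`ms-upgrade-network.php?action=upgrade`) and continued by `location.href` in `nextpage()`, with no nonce visible in these hunks, so the only gate on this state-changing action appears to be the `manage_network` capability check. Since these URLs are being rewritten anyway, they could be built with `wp_nonce_url()` and verified with a matching `check_admin_referer()` at the top of the `upgrade` case, in line with the other network actions in this commit that call `check_admin_referer()`. The body of the `upgrade` case lies outside the hunks, so an existing check there cannot be ruled out.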


@ -11,7 +11,7 @@ wp_enqueue_script( 'admin-forms' );
require_once('admin-header.php'); require_once('admin-header.php');
if ( !is_super_admin() ) if ( ! current_user_can( 'manage_network_users' ) )
wp_die( __('You do not have permission to access this page.') ); wp_die( __('You do not have permission to access this page.') );
if ( isset($_GET['updated']) && $_GET['updated'] == 'true' ) { if ( isset($_GET['updated']) && $_GET['updated'] == 'true' ) {