From f0b44be0449236a75a5ebb9fbe5f3b5420664cff Mon Sep 17 00:00:00 2001 From: Roelof Roos Date: Mon, 8 Oct 2018 16:22:05 +0200 Subject: [PATCH] Added post capability limiter --- .../src/Hooks/PostTypeHandler.php | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/gumbo-millennium/src/Hooks/PostTypeHandler.php b/gumbo-millennium/src/Hooks/PostTypeHandler.php index 788ad7b..d6f5bd8 100644 --- a/gumbo-millennium/src/Hooks/PostTypeHandler.php +++ b/gumbo-millennium/src/Hooks/PostTypeHandler.php @@ -32,6 +32,9 @@ public function bind() : void { // Add custom post types add_action('init', [$this, 'init']); + + // De-register capabilities + add_action('admin_init', [$this, 'restrictPostTypeCapabilities']); } /** @@ -48,4 +51,35 @@ public function init() : void } } } + + /** + * Restrict capabilities for post types, such as thumbnails on pages and comments on all pages. + * + * @return void + */ + public function restrictPostTypeCapabilities() : void + { + /* + * All core features are directly associated with a functional area of the edit + * screen, such as the editor or a meta box. Features include: 'title', 'editor', + * 'comments', 'revisions', 'trackbacks', 'author', 'excerpt', 'page-attributes', + * 'thumbnail', 'custom-fields', and 'post-formats'. + */ + $allowedCapabilityMap = [ + 'comments' => ['activity'], + 'trackbacks' => null, + 'thumbnail' => ['posts', 'attachments'], + 'post-formats' => null + ]; + + // Check all capabilities, and remove all non-matching ones + foreach ($allowedCapabilityMap as $capability => $types) { + $currentTypes = get_post_types_by_support($capability); + foreach ($currentTypes as $type) { + if ($types === null || !in_array($type, $types)) { + remove_post_type_support($type, $capability); + } + } + } + } }