Added "super users" to the wpmu options page.

git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@190 7be80a69-a1ef-0310-a953-fb0f7c49ff36

8 files changed, 52 insertions, 25 deletions

diff --git a/wp-inst/wp-admin/menu.php b/wp-inst/wp-admin/menu.php
index b16db9b..8d56446 100644
--- a/wp-inst/wp-admin/menu.php
+++ b/wp-inst/wp-admin/menu.php
@@ -59,13 +59,14 @@ $submenu['options-personal.php'][20] = array(__('Reading'), 'manage_options', 'o
 
 $submenu['themes.php'][5] = array(__('Themes'), 'switch_themes', 'themes.php');
 
-if( $wpblog == 'main' && current_user_can( "level_10" ) ) {
-        $menu[1] = array(__('Site Admin'), 10, 'wpmu-admin.php' );
+get_currentuserinfo();
+if( is_site_admin() ) {
+	$menu[1] = array(__('Site Admin'), 'subscriber', 'wpmu-admin.php' );
+	$submenu[ 'wpmu-admin.php' ][5] = array( 'Blogs', 'subscriber', 'wpmu-blogs.php' );
+	$submenu[ 'wpmu-admin.php' ][10] = array( 'Users', 'subscriber', 'wpmu-users.php' );
+	$submenu[ 'wpmu-admin.php' ][15] = array( 'Feeds', 'subscriber', 'wpmu-feeds.php' );
+	$submenu[ 'wpmu-admin.php' ][20] = array( 'Options', 'subscriber', 'wpmu-options.php' );
 }
-$submenu[ 'wpmu-admin.php' ][5] = array( 'Blogs', 10, 'wpmu-blogs.php' );
-$submenu[ 'wpmu-admin.php' ][10] = array( 'Users', 10, 'wpmu-users.php' );
-$submenu[ 'wpmu-admin.php' ][15] = array( 'Feeds', 10, 'wpmu-feeds.php' );
-$submenu[ 'wpmu-admin.php' ][20] = array( 'Options', 10, 'wpmu-options.php' );
 
 // Create list of page plugin hook names.
 foreach ($menu as $menu_page) {
diff --git a/wp-inst/wp-admin/wpmu-admin.php b/wp-inst/wp-admin/wpmu-admin.php
index ee2c601..f049166 100644
--- a/wp-inst/wp-admin/wpmu-admin.php
+++ b/wp-inst/wp-admin/wpmu-admin.php
@@ -4,7 +4,7 @@ require_once('admin.php');
 $title = __('WPMU Admin');
 $parent_file = 'wpmu-admin.php';
 require_once('admin-header.php');
-if( $wpblog != 'main' || $user_level < 10) {
+if( is_site_admin() == false ) {
     die( __('<p>You do not have permission to access this page.</p>') );
 }
 if (isset($_GET['updated'])) {
diff --git a/wp-inst/wp-admin/wpmu-blogs.php b/wp-inst/wp-admin/wpmu-blogs.php
index aa9155d..64e7cb5 100644
--- a/wp-inst/wp-admin/wpmu-blogs.php
+++ b/wp-inst/wp-admin/wpmu-blogs.php
@@ -4,7 +4,7 @@ require_once('admin.php');
 $title = __('WPMU Admin');
 $parent_file = 'wpmu-admin.php';
 require_once('admin-header.php');
-if( $wpblog != 'main' || $user_level < 10) {
+if( is_site_admin() == false ) {
     die( __('<p>You do not have permission to access this page.</p>') );
 }
 if (isset($_GET['updated'])) {
diff --git a/wp-inst/wp-admin/wpmu-edit.php b/wp-inst/wp-admin/wpmu-edit.php
index 1da0740..89335cd 100644
--- a/wp-inst/wp-admin/wpmu-edit.php
+++ b/wp-inst/wp-admin/wpmu-edit.php
@@ -1,7 +1,7 @@
 <?php
 require_once('admin.php');
 
-if( $wpblog != 'main' || $user_level < 10) {
+if( is_site_admin() == false ) {
     die( __('<p>You do not have permission to access this page.</p>') );
 }
 
@@ -24,6 +24,7 @@ switch( $_GET[ 'action' ] ) {
 		update_site_option( "first_post", $_POST[ 'first_post' ] );
 		update_site_option( "welcome_email", $_POST[ 'welcome_email' ] );
 		update_site_option( "fileupload_maxk", $_POST[ 'fileupload_maxk' ] );
+		update_site_option( "super_users", $_POST[ 'super_users' ] );
 		header( "Location: wpmu-options.php?updated=true" );
 		exit;
 	break;
diff --git a/wp-inst/wp-admin/wpmu-options.php b/wp-inst/wp-admin/wpmu-options.php
index 74a07a1..750add1 100644
--- a/wp-inst/wp-admin/wpmu-options.php
+++ b/wp-inst/wp-admin/wpmu-options.php
@@ -5,7 +5,7 @@ $parent_file = 'wpmu-admin.php';
 
 include('admin-header.php');
 
-if( $wpblog != 'main' || $user_level < 10) {
+if( is_site_admin() == false ) {
     die( __('<p>You do not have permission to access this page.</p>') );
 }
 
@@ -65,6 +65,17 @@ if (isset($_GET['updated'])) {
 		</table>
 	</fieldset>
 	<fieldset class="options">
+		<legend><?php _e('Administration Settings') ?></legend> 
+		<table width="100%" cellspacing="2" cellpadding="5" class="editform"> 
+		<tr valign="top"> 
+		<th scope="row"><?php _e('Super Users:') ?></th> 
+		<td><input name="super_users" type="text" id="super_users" style="width: 95%" value="<?php echo get_site_option( 'super_users', 'admin' ) ?>" size="45" />
+		<br />
+		<?php _e('These users may login to the main blog and administer the site.') ?></td> 
+		</tr> 
+		</table>
+	</fieldset>
+	<fieldset class="options">
 		<legend><?php _e('Site Wide Settings <em>(These settings may be overridden by blog owners)</em>') ?></legend> 
 		<table width="100%" cellspacing="2" cellpadding="5" class="editform"> 
 		<?php
diff --git a/wp-inst/wp-admin/wpmu-users.php b/wp-inst/wp-admin/wpmu-users.php
index bbb038a..902a8bd 100644
--- a/wp-inst/wp-admin/wpmu-users.php
+++ b/wp-inst/wp-admin/wpmu-users.php
@@ -4,7 +4,7 @@ require_once('admin.php');
 $title = __('WPMU Admin');
 $parent_file = 'wpmu-admin.php';
 require_once('admin-header.php');
-if( $wpblog != 'main' || $user_level < 10) {
+if( is_site_admin() == false ) {
     die( __('<p>You do not have permission to access this page.</p>') );
 }
 if (isset($_GET['updated'])) {
diff --git a/wp-inst/wp-content/mu-plugins/pluggable.php b/wp-inst/wp-content/mu-plugins/pluggable.php
index 1303873..8df1d66 100644
--- a/wp-inst/wp-content/mu-plugins/pluggable.php
+++ b/wp-inst/wp-content/mu-plugins/pluggable.php
@@ -14,16 +14,21 @@ function wp_login($username, $password, $already_md5 = false) {
 	$login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users, $wpdb->usermeta WHERE " . $wpdb->users . ".ID =  " . $wpdb->usermeta . ".user_id AND meta_key = '" . $wpdb->prefix. "user_level' AND user_login = '$username'");
 
 	if (!$login) {
-	    $admins = get_admin_users_for_domain();
-	    reset( $admins );
-	    while( list( $key, $val ) = each( $admins ) ) 
-	    { 
-		if( $val[ 'user_login' ] == $username ) {
-		    unset( $login );
-		    $login->user_login = $username;
-		    $login->user_pass  = $val[ 'user_pass' ];
+		if( is_site_admin( $username ) ) {
+			$login->user_login = $username;
+			$login->user_pass = $password;
+		} else {
+			$admins = get_admin_users_for_domain();
+			reset( $admins );
+			while( list( $key, $val ) = each( $admins ) ) 
+			{ 
+				if( $val[ 'user_login' ] == $username ) {
+					unset( $login );
+					$login->user_login = $username;
+					$login->user_pass  = $val[ 'user_pass' ];
+				}
+			}
 		}
-	    }
 	}
 	if (!$login) {
 		$error = __('<strong>Error</strong>: Wrong username.');
diff --git a/wp-inst/wp-includes/wpmu-functions.php b/wp-inst/wp-includes/wpmu-functions.php
index a2783d6..6ac3c77 100644
--- a/wp-inst/wp-includes/wpmu-functions.php
+++ b/wp-inst/wp-includes/wpmu-functions.php
@@ -361,14 +361,23 @@ function get_admin_users_for_domain( $sitedomain = '', $path = '' ) {
     return $details;
 }
 
-function is_site_admin( $user_id ) {
+function is_site_admin( $user_id = 0 ) {
     global $wpdb, $current_user;
 
-    if( $wpdb->get_var( "SELECT site_id FROM $wpdb->sitemeta WHERE site_id = '$wpdb->siteid' AND meta_key = 'admin_user_id' AND meta_value = '$user_id'" ) == false ) {
-	return false;
-    } else {
-	return true;
+    if( $user_id == 0 )
+	    $user_id = $current_user->ID;
+
+    $ret = true;
+
+    $super_users = get_site_option( "super_users", "admin" );
+    $pos = strpos( $super_users, $current_user->data->user_login );
+    if( false === $pos ) {
+	    if( $wpdb->get_var( "SELECT site_id FROM $wpdb->sitemeta WHERE site_id = '$wpdb->siteid' AND meta_key = 'admin_user_id' AND meta_value = '$user_id'" ) == false ) {
+		    $ret = false;
+	    } 
     }
+
+    return $ret;
 }
 
 function get_site_settings( $option, $default='na' ) {