File: /wordpress/plugins/wp-cloud-client/1.1.7/src/Multisite/SuperAdminManager.php
<?php
declare(strict_types=1);
namespace VPlugins\WPCloudClient\Multisite;
use WP_User;
/**
* SSO-driven super admin grant/revoke for multisite.
*
* On every WordPress login the `wpcc_is_super_admin` user meta flag is read
* and used to decide whether to grant or revoke WordPress super admin status.
*
* The flag is written by the portal via the one_click_login action before it
* hands back the login URL. This ensures the super admin state is always
* consistent with the platform's role assignment.
*
* Revocation only occurs when the meta key was explicitly set by the platform.
* Users promoted to super admin manually (no meta key) are never touched,
* preventing accidental privilege loss on installations not yet using SSO.
*/
final class SuperAdminManager {
/**
* User meta key that stores the platform's super admin decision.
*/
public const META_KEY = 'wpcc_is_super_admin';
/**
* Register WordPress hooks.
*
* @return void
*/
public function register(): void {
add_action( 'wp_login', [ $this, 'onLogin' ], 10, 2 );
}
/**
* Sync WordPress super admin status from the platform flag on login.
*
* Hooked to: wp_login
*
* @param string $userLogin The user's login name (unused).
* @param WP_User $user The authenticated user object.
* @return void
*/
public function onLogin( string $userLogin, WP_User $user ): void { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.Found
if ( ! is_multisite() ) {
return;
}
$userId = (int) $user->ID;
$metaRaw = get_user_meta( $userId, self::META_KEY, true );
/**
* Filter the super admin decision for an SSO login.
*
* Return true to grant super admin, false to revoke. The default value
* is derived from the `wpcc_is_super_admin` user meta flag written by
* the portal's one_click_login action.
*
* @param bool $isSuperAdmin Whether the platform wants this user to be super admin.
* @param WP_User $user The user being logged in.
*/
$isSuperAdmin = (bool) apply_filters( 'wpcc_user_is_super_admin', ! empty( $metaRaw ), $user );
if ( $isSuperAdmin && ! is_super_admin( $userId ) ) {
grant_super_admin( $userId );
return;
}
// Only revoke if the platform has explicitly set the flag to false.
// Absence of the meta key means the platform has no opinion — leave the
// user's super admin status untouched.
$flagExists = metadata_exists( 'user', $userId, self::META_KEY );
if ( ! $isSuperAdmin && $flagExists && is_super_admin( $userId ) ) {
revoke_super_admin( $userId );
}
}
/**
* Persist the platform's super admin decision as user meta.
*
* Intended to be called from the one_click_login flow before the login
* URL is handed back to the portal.
*
* @param int $userId The WordPress user ID.
* @param bool $isSuperAdmin Whether the user should be super admin.
* @return void
*/
public static function setFlag( int $userId, bool $isSuperAdmin ): void {
update_user_meta( $userId, self::META_KEY, $isSuperAdmin ? '1' : '0' );
}
}