PluginProbe ʕ •ᴥ•ʔ
GiveWP – Donation Plugin and Fundraising Platform / 4.14.2
GiveWP – Donation Plugin and Fundraising Platform v4.14.2
4.16.2 4.16.1 4.16.0 4.15.5 4.15.4 4.15.3 4.15.2 4.15.1 4.15.0 2.3.0 2.3.1 2.3.2 2.30.0 2.31.0 2.31.1 2.32.0 2.33.0 2.33.1 2.33.2 2.33.3 2.33.4 2.33.5 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.4.7 2.5.0 2.5.1 2.5.10 2.5.11 2.5.12 2.5.13 2.5.2 2.5.3 2.5.4 2.5.5 2.5.6 2.5.7 2.5.8 2.5.9 2.6.0 2.6.1 2.6.2 2.6.3 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.8.0 2.8.1 2.9.0 2.9.1 2.9.2 2.9.3 2.9.4 2.9.5 2.9.6 2.9.7 3.0.0 3.0.1 3.0.2 3.0.3 3.0.4 3.1.0 3.1.1 3.1.2 3.10.0 3.11.0 3.12.0 3.12.1 3.12.2 3.12.3 3.13.0 3.14.0 3.14.1 3.14.2 3.15.0 3.15.1 3.16.0 3.16.1 3.16.2 3.16.3 3.16.4 3.16.5 3.17.0 3.17.1 3.17.2 3.18.0 3.19.0 3.19.1 3.19.2 3.19.3 3.19.4 3.2.0 3.2.1 3.2.2 3.20.0 3.21.0 3.21.1 3.22.0 3.22.1 3.22.2 3.3.0 3.3.1 3.4.0 3.4.1 3.4.2 3.5.0 3.5.1 3.6.0 3.6.1 3.6.2 3.7.0 3.8.0 3.9.0 4.0.0 4.1.0 4.1.1 4.10.0 4.10.1 4.11.0 4.12.0 4.13.0 4.13.1 4.13.2 4.14.0 4.14.1 4.14.2 4.14.3 4.14.4 4.14.5 4.14.6 4.2.0 4.2.1 4.3.0 4.3.1 4.3.2 4.4.0 4.5.0 4.6.1 4.7.0 4.7.1 4.8.0 4.8.1 4.9.0 trunk 1.9.0 2.0.0 2.0.1 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7 2.1.0 2.1.1 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.8 2.10.0 2.10.1 2.10.2 2.10.3 2.10.4 2.11.0 2.11.1 2.11.2 2.11.3 2.12.0 2.12.1 2.12.2 2.12.3 2.13.0 2.13.1 2.13.2 2.13.3 2.13.4 2.14.0 2.15.0 2.16.0 2.16.1 2.17.0 2.17.1 2.17.3 2.18.0 2.18.1 2.19.1 2.19.2 2.19.3 2.19.4 2.19.5 2.19.6 2.19.7 2.19.8 2.2.0 2.2.1 2.2.2 2.2.3 2.2.4 2.2.5 2.2.6 2.20.0 2.20.1 2.20.2 2.21.0 2.21.1 2.21.2 2.21.3 2.21.4 2.22.0 2.22.1 2.22.2 2.22.3 2.23.0 2.23.1 2.23.2 2.24.0 2.24.1 2.24.2 2.25.0 2.25.1 2.25.2 2.25.3 2.26.0 2.27.0 2.27.1 2.27.2 2.27.3 2.28.0 2.29.0 2.29.1 2.29.2
give / src / Framework / Permissions / Migrations / FixGiveWorkerCapabilities.php
give / src / Framework / Permissions / Migrations Last commit date
AddViewCapabilitiesToAdminRoles.php 5 months ago FixGiveAccountantCapabilities.php 5 months ago FixGiveWorkerCapabilities.php 5 months ago
FixGiveWorkerCapabilities.php
123 lines
1 <?php
2
3 declare(strict_types=1);
4
5 namespace Give\Framework\Permissions\Migrations;
6
7 use Give\Framework\Migrations\Contracts\Migration;
8
9 /**
10 * Fixes give_worker role capabilities to match documentation.
11 *
12 * The give_worker role should only be able to read donations (view_give_payments),
13 * not edit them. This migration removes the incorrectly assigned edit_give_payments
14 * capability from the give_worker role. It also adds view_give_forms for consistency.
15 *
16 * @since 4.14.0
17 */
18 class FixGiveWorkerCapabilities extends Migration
19 {
20 /**
21 * @inheritdoc
22 */
23 public static function id(): string
24 {
25 return 'fix_give_worker_capabilities';
26 }
27
28 /**
29 * @inheritdoc
30 */
31 public static function title(): string
32 {
33 return 'Fix GiveWP Worker role capabilities';
34 }
35
36 /**
37 * @inheritdoc
38 */
39 public static function timestamp(): int
40 {
41 return strtotime('2026-01-12');
42 }
43
44 /**
45 * @inheritdoc
46 */
47 public function run(): void
48 {
49 $this->fixRoleCapabilities();
50 $this->fixUserCapabilities();
51 }
52
53 /**
54 * Fix capabilities at the role level.
55 *
56 * @since 4.14.0
57 */
58 private function fixRoleCapabilities(): void
59 {
60 global $wp_roles;
61
62 if (!class_exists('WP_Roles')) {
63 return;
64 }
65
66 if (!isset($wp_roles)) {
67 $wp_roles = new \WP_Roles();
68 }
69
70 if (!is_object($wp_roles)) {
71 return;
72 }
73
74 // Remove edit_give_payments from give_worker - they should only be able to view payments
75 $wp_roles->remove_cap('give_worker', 'edit_give_payments');
76
77 // Ensure give_worker has view_give_payments for reading donations
78 $wp_roles->add_cap('give_worker', 'view_give_payments');
79
80 // Ensure give_worker has view_give_forms for consistency
81 $wp_roles->add_cap('give_worker', 'view_give_forms');
82 }
83
84 /**
85 * Fix capabilities at the user level for all give_worker users.
86 *
87 * This handles cases where edit_give_payments was manually granted to individual users.
88 *
89 * @since 4.14.0
90 */
91 private function fixUserCapabilities(): void
92 {
93 $giveWorkers = get_users([
94 'role' => 'give_worker',
95 'fields' => 'ID',
96 ]);
97
98 foreach ($giveWorkers as $userId) {
99 $user = get_userdata($userId);
100
101 if (!$user) {
102 continue;
103 }
104
105 // Remove edit_give_payments if it was individually granted
106 if ($user->has_cap('edit_give_payments')) {
107 $user->remove_cap('edit_give_payments');
108 }
109
110 // Ensure view_give_payments is present
111 if (!$user->has_cap('view_give_payments')) {
112 $user->add_cap('view_give_payments');
113 }
114
115 // Ensure view_give_forms is present
116 if (!$user->has_cap('view_give_forms')) {
117 $user->add_cap('view_give_forms');
118 }
119 }
120 }
121 }
122
123