PluginProbe ʕ •ᴥ•ʔ
Appointment Booking Plugin – LatePoint | Calendar & Scheduling for WordPress / 5.1.4
Appointment Booking Plugin – LatePoint | Calendar & Scheduling for WordPress v5.1.4
5.6.8 5.6.7 5.6.6 5.6.5 5.6.4 5.6.3 5.6.2 5.6.1 5.6.0 5.5.2 5.5.1 5.5.0 5.4.2 trunk 5.1.0 5.1.1 5.1.2 5.1.3 5.1.4 5.1.5 5.1.6 5.1.7 5.1.8 5.1.9 5.1.91 5.1.92 5.1.93 5.1.94 5.2.0 5.2.1 5.2.10 5.2.11 5.2.2 5.2.3 5.2.4 5.2.5 5.2.6 5.2.7 5.2.8 5.2.9 5.3.0 5.3.1 5.3.2 5.4.0 5.4.1
latepoint / lib / helpers / roles_helper.php
latepoint / lib / helpers Last commit date
activities_helper.php 1 year ago agent_helper.php 1 year ago auth_helper.php 1 year ago blocks_helper.php 1 year ago booking_helper.php 1 year ago bricks_helper.php 1 year ago bundles_helper.php 1 year ago calendar_helper.php 1 year ago carts_helper.php 1 year ago connector_helper.php 1 year ago csv_helper.php 1 year ago customer_helper.php 1 year ago database_helper.php 1 year ago debug_helper.php 1 year ago defaults_helper.php 1 year ago elementor_helper.php 1 year ago email_helper.php 1 year ago encrypt_helper.php 1 year ago events_helper.php 1 year ago form_helper.php 1 year ago icalendar_helper.php 1 year ago image_helper.php 1 year ago invoices_helper.php 1 year ago license_helper.php 1 year ago location_helper.php 1 year ago marketing_systems_helper.php 1 year ago meeting_systems_helper.php 1 year ago menu_helper.php 1 year ago meta_helper.php 1 year ago migrations_helper.php 1 year ago money_helper.php 1 year ago notifications_helper.php 1 year ago order_intent_helper.php 1 year ago orders_helper.php 1 year ago pages_helper.php 1 year ago params_helper.php 1 year ago payments_helper.php 1 year ago price_breakdown_helper.php 1 year ago process_jobs_helper.php 1 year ago processes_helper.php 1 year ago replacer_helper.php 1 year ago resource_helper.php 1 year ago roles_helper.php 1 year ago router_helper.php 1 year ago service_helper.php 1 year ago sessions_helper.php 1 year ago settings_helper.php 1 year ago shortcodes_helper.php 1 year ago sms_helper.php 1 year ago steps_helper.php 1 year ago stripe_connect_helper.php 1 year ago styles_helper.php 1 year ago support_topics_helper.php 1 year ago time_helper.php 1 year ago timeline_helper.php 1 year ago transaction_intent_helper.php 1 year ago util_helper.php 1 year ago version_specific_updates_helper.php 1 year ago whatsapp_helper.php 1 year ago work_periods_helper.php 1 year ago wp_datetime.php 1 year ago wp_user_helper.php 1 year ago
roles_helper.php
461 lines
1 <?php
2 /*
3 * Copyright (c) 2023 LatePoint LLC. All rights reserved.
4 */
5
6 class OsRolesHelper {
7 public static array $capabilities_for_controllers;
8
9 public static function get_capabilities_for_all_controllers(){
10 if(isset(self::$capabilities_for_controllers)) return self::$capabilities_for_controllers;
11 $capabilities = include(LATEPOINT_CONFIG_ABSPATH . 'capabilities_for_controllers.php');
12
13 /**
14 * Get array of capabilities for all controllers
15 *
16 * @since 4.7.0
17 * @hook latepoint_capabilities_for_controllers
18 *
19 * @param {array} $capabilities array of controllers with their default and per action capablities
20 * @returns {array} The filtered array of controllers with capability information
21 */
22 self::$capabilities_for_controllers = apply_filters('latepoint_capabilities_for_controllers', $capabilities);
23 return self::$capabilities_for_controllers;
24 }
25
26 public static function build_capability_name_from_model_action(string $model_class, string $action): string{
27 $capability_names_for_models = [
28 'OsActivityModel' => 'activity',
29 'OsAgentModel' => 'agent',
30 'OsAgentMetaModel' => 'agent',
31 'OsOrderModel' => 'booking',
32 'OsOrderIntentModel' => 'booking',
33 'OsOrderMetaModel' => 'booking',
34 'OsBookingModel' => 'booking',
35 'OsBookingMetaModel' => 'booking',
36 'OsConnectorModel' => 'connection',
37 'OsCustomerModel' => 'customer',
38 'OsCustomerMetaModel' => 'customer',
39 'OsLocationModel' => 'location',
40 'OsLocationCategoryModel' => 'location',
41 'OsServiceModel' => 'service',
42 'OsServiceExtraModel' => 'service',
43 'OsServiceMetaModel' => 'service',
44 'OsBundleModel' => 'bundle',
45 'OsServiceCategoryModel' => 'service',
46 'OsTransactionModel' => 'transaction',
47 'OsInvoiceModel' => 'invoice',
48 'OsProcessJobModel' => 'settings',
49 'OsStepSettingsModel' => 'settings',
50 'OsProcessModel' => 'settings',
51 'OsSettingsModel' => 'settings',
52 'OsWorkPeriodModel' => 'settings',
53 ];
54 /**
55 * Get array of key => value connections between model name and capability name
56 *
57 * @since 4.7.0
58 * @hook latepoint_capability_names_for_models
59 *
60 * @param {array} $capability_names_for_models array of key => value pairs of model name => capability name
61 * @returns {array} The filtered array of value pairs
62 */
63 $capability_names_for_models = apply_filters('latepoint_capability_names_for_models', $capability_names_for_models);
64 if(isset($capability_names_for_models[$model_class])){
65 $capability = $capability_names_for_models[$model_class].'__'.$action;
66 $all_actions = self::get_all_available_actions_list();
67 if(in_array($capability, $all_actions)){
68 return $capability;
69 }else{
70 $capability = $capability_names_for_models[$model_class].'__edit';
71 if(in_array($capability, $all_actions)) return $capability;
72 }
73 }
74 return '';
75 }
76
77 public static function can_user_make_action_on_model_record(OsModel $model, string $action){
78 if(OsAuthHelper::get_current_user()->backend_user_type == LATEPOINT_USER_TYPE_ADMIN) return true; // admins are allowed to do everything
79
80 // check if customer is logged in and tries to edit records that belong to them
81 if(OsAuthHelper::is_customer_logged_in()){
82 // if it's customer - they can edit their customer record and also their bookings
83 if($model instanceof OsBookingModel && $model->customer_id == OsAuthHelper::get_logged_in_customer_id()){
84 return true;
85 }
86 if($model instanceof OsCustomerModel && $model->id == OsAuthHelper::get_logged_in_customer_id()){
87 return true;
88 }
89 }
90 // if customer is not logged in or logged in customer doesn't have rights to access this record, check if backend user has
91 if(self::can_user_perform_model_action(get_class($model), $action)){
92 switch(get_class($model)){
93 case 'OsBookingModel':
94 if(OsAuthHelper::get_current_user()->are_all_records_allowed('agent')) return true;
95 $allowed_ids = OsAuthHelper::get_current_user()->get_allowed_records('agent');
96 if($allowed_ids && in_array($model->agent_id, $allowed_ids)) return true;
97 break;
98 case 'OsCustomerModel':
99 // check if this customer has any bookings with allowed agents
100 if(OsAuthHelper::get_current_user()->are_all_records_allowed('agent')) return true;
101 $allowed_ids = OsAuthHelper::get_current_user()->get_allowed_records('agent');
102 $bookings = new OsBookingModel();
103 if($allowed_ids){
104 if($allowed_ids && in_array($model->agent_id, $allowed_ids)) return true;
105 $has_bookings_with_allowed_agents = $bookings->select('id')->where(['agent_id' => $allowed_ids, 'customer_id' => $model->id])->set_limit(1)->get_results();
106 if(!empty($has_bookings_with_allowed_agents)){
107 return true;
108 }
109 }
110 break;
111 }
112 }
113 return false;
114 }
115
116 public static function can_user_perform_model_action(string $model_class, string $action): bool{
117 $capability = self::build_capability_name_from_model_action($model_class, $action);
118 $can = !empty($capability) ? self::can_user($capability) : true;
119 return $can;
120 }
121
122 /**
123 *
124 * Get capabilities required to access specific action of the controller
125 *
126 * @param string $controller_name class name of the controller
127 * @param string $action action name
128 * @return array
129 */
130 public static function get_capabilities_required_for_controller_action(string $controller_name, string $action): array{
131 $required_capabilities = ['settings__edit']; // default capabilities, if not set on controller/action level
132
133 $capabilities_for_controllers = self::get_capabilities_for_all_controllers();
134
135 if(isset($capabilities_for_controllers[$controller_name])){
136 // try to get capabilities that are specific for action, if not get default for controller
137 if(isset($capabilities_for_controllers[$controller_name]['per_action'][$action])){
138 $required_capabilities = $capabilities_for_controllers[$controller_name]['per_action'][$action];
139 }elseif(isset($capabilities_for_controllers[$controller_name]['default'])){
140 $required_capabilities = $capabilities_for_controllers[$controller_name]['default'];
141 }
142 }
143 /**
144 * Get array of capabilities required to access controller's action
145 *
146 * @since 4.7.0
147 * @hook latepoint_get_capabilities_for_controller_action
148 *
149 * @param {array} $required_capabilities array of required capabilities
150 * @returns {array} The filtered array of required capabilities
151 */
152 return apply_filters('latepoint_get_capabilities_for_controller_action', $required_capabilities, $controller_name, $action);
153 }
154
155 public static function save_capabilities_list_for_agent_role(array $capabilities){
156 return OsSettingsHelper::save_setting_by_name('agent_role_capabilities', wp_json_encode($capabilities));
157 }
158
159 public static function get_capabilities_list_for_agent_role(){
160 $capabilities = json_decode(OsSettingsHelper::get_settings_value('agent_role_capabilities', ''), true);
161 if(empty($capabilities)) $capabilities = self::get_default_capabilities_list_for_agent_role();
162 /**
163 * Get array of permitted actions for agent role
164 *
165 * @since 4.7.0
166 * @hook latepoint_get_capabilities_list_for_agent_role
167 *
168 * @param {array} $capabilities array of actions permitted to admin user type
169 * @returns {array} The filtered array of permitted actions
170 */
171 return apply_filters('latepoint_get_capabilities_list_for_agent_role', $capabilities);
172 }
173
174
175 public static function get_all_available_actions_list_grouped(){
176 $actions = self::get_all_available_actions_list();
177 $groups = [];
178 foreach($actions as $action){
179 $object = explode('__', $action);
180 $groups[$object[0]][] = $object[1];
181 }
182 return $groups;
183 }
184
185 public static function save_from_params(array $role_params){
186 $role = \LatePoint\Misc\Role::generate_from_params($role_params);
187 if(empty($role->wp_role)) return new WP_Error('invalid_wp_role', __('WP Role invalid', 'latepoint'));
188 switch($role->user_type){
189 case LATEPOINT_USER_TYPE_AGENT:
190 if(self::save_capabilities_list_for_agent_role($role->get_capabilities())){
191 return true;
192 }else{
193 return new WP_Error('error_saving_role', __('WP Agent role can not be saved', 'latepoint'));
194 }
195 break;
196 case LATEPOINT_USER_TYPE_CUSTOM:
197 $roles = self::get_custom_roles();
198 $roles[$role->wp_role] = $role->as_array_to_save();
199 if(OsSettingsHelper::save_setting_by_name('custom_roles', wp_json_encode($roles))){
200 // register in WP (it's ok to register it on every save, we remove it first and then add, to make sure display name is updated)
201 $role->register_in_wp();
202 return true;
203 }else{
204 return new WP_Error('error_saving_role', __('WP Role can not be saved', 'latepoint'));
205 }
206 break;
207 default:
208 return new WP_Error('invalid_role_type', __('Invalid role type', 'latepoint'));
209 break;
210 }
211 }
212
213 public static function register_roles_in_wp(){
214 // Register Agent Role
215 $role = \LatePoint\Misc\Role::get_from_wp_role(LATEPOINT_WP_AGENT_ROLE);
216 $role->register_in_wp();
217
218 // Register Custom Roles
219 $custom_roles = self::get_custom_roles(true);
220 if($custom_roles){
221 foreach($custom_roles as $custom_role){
222 $custom_role->register_in_wp();
223 }
224 }
225 }
226
227 public static function get_model_types_for_allowed_records(){
228 return ['agent', 'service', 'location'];
229 }
230
231
232 public static function generate_role_id(){
233 return 'role_'.OsUtilHelper::random_text('alnum', 8);
234 }
235
236 public static function get_custom_roles($as_objects = false): array{
237 $roles = json_decode(\OsSettingsHelper::get_settings_value('custom_roles', ''), true) ?? [];
238 if($as_objects){
239 $roles_objects = [];
240 foreach($roles as $role_params){
241 $roles_objects[$role_params['wp_role']] = \LatePoint\Misc\Role::generate_from_params($role_params);
242 }
243 return $roles_objects;
244 }else{
245 return $roles;
246 }
247 }
248
249 public static function save_custom_roles(array $roles){
250 return \OsSettingsHelper::save_setting_by_name('custom_roles', wp_json_encode($roles));
251 }
252
253 public static function delete(string $wp_role): bool{
254 // can't delete default roles (admin and agent)
255 if(in_array($wp_role, [LATEPOINT_WP_ADMIN_ROLE, LATEPOINT_WP_AGENT_ROLE])) return false;
256 // get all custom roles to make sure the one that needs to be deleted is custom role
257 $custom_roles = self::get_custom_roles();
258 if(isset($custom_roles[$wp_role])){
259 unset($custom_roles[$wp_role]);
260 self::save_custom_roles($custom_roles);
261 remove_role($wp_role);
262 }
263 return true;
264 }
265
266 public static function get_default_roles(): array{
267 $roles = [];
268
269 $roles[] = new \LatePoint\Misc\Role(LATEPOINT_USER_TYPE_ADMIN);
270 $roles[] = new \LatePoint\Misc\Role(LATEPOINT_USER_TYPE_AGENT);
271
272 return $roles;
273 }
274
275 public static function description_for_action($action_code){
276 $action_descriptions = [
277 'resource_schedule' => __('Edit custom schedule of individual agent, location or service.', 'latepoint'),
278 'settings' => __('Access to all settings pages, including general schedule and booking steps.', 'latepoint'),
279 'connection' => __('Ability to connect agents to services and locations.', 'latepoint'),
280 'chat' => __('Ability to send messages to customers (available with chat addon).', 'latepoint'),
281 ];
282
283 /**
284 * List of detailed descriptions for available actions
285 *
286 * @since 4.7.2
287 * @hook latepoint_roles_action_descriptions
288 *
289 * @param {array} $action_descriptions Array of descriptions for available actions
290 * @param {string} $action_code Programmatic code of the action being filtered
291 * @returns {array} The filtered array of action descriptions
292 */
293 $action_descriptions = apply_filters('latepoint_roles_action_descriptions', $action_descriptions, $action_code);
294 return $action_descriptions[$action_code] ?? '';
295 }
296
297 public static function name_for_action($action_code){
298 $action_names = [
299 'chat' => __('Chat', 'latepoint'),
300 'activity' => __('Activity Logs', 'latepoint'),
301 'agent' => __('Agents', 'latepoint'),
302 'service' => __('Services', 'latepoint'),
303 'bundle' => __('Bundle', 'latepoint'),
304 'location' => __('Locations', 'latepoint'),
305 'booking' => __('Bookings & Orders', 'latepoint'),
306 'customer' => __('Customers', 'latepoint'),
307 'transaction' => __('Payments', 'latepoint'),
308 'invoice' => __('Invoice', 'latepoint'),
309 'order' => __('Order', 'latepoint'),
310 'resource_schedule' => __('Resource Schedules', 'latepoint'),
311 'settings' => __('Settings', 'latepoint'),
312 'connection' => __('Connections', 'latepoint'),
313 'edit' => __('Edit', 'latepoint'),
314 'delete' => __('Delete', 'latepoint'),
315 'view' => __('View', 'latepoint'),
316 'create' => __('Create', 'latepoint'),
317 ];
318
319 /**
320 * List of human-friendly names for available actions
321 *
322 * @since 4.7.2
323 * @hook latepoint_roles_action_names
324 *
325 * @param {array} $action_names Array of names for available actions
326 * @param {string} $action_code Programmatic code of the action being filtered
327 * @returns {array} The filtered array of action names
328 */
329 $action_names = apply_filters('latepoint_roles_action_names', $action_names, $action_code);
330 return $action_names[$action_code] ?? $action_code;
331 }
332
333 public static function get_default_capabilities_list_for_agent_role(){
334 $capabilities = [
335 'agent__view', 'agent__edit' ,
336 'booking__view', 'booking__delete' ,'booking__create', 'booking__edit',
337 'customer__view', 'customer__delete' ,'customer__create', 'customer__edit',
338 'transaction__view', 'transaction__delete' ,'transaction__create', 'transaction__edit',
339 'invoice__view', 'invoice__delete' ,'invoice__create', 'invoice__edit',
340 'activity__view', 'activity__delete' ,'activity__create', 'activity__edit',
341 'chat__edit', 'resource_schedule__edit'
342 ];
343
344 /**
345 * Default list of permitted actions available for agent user type
346 *
347 * @since 4.7.0
348 * @hook latepoint_roles_get_default_capabilities_list_for_agent_role
349 *
350 * @param {array} $capabilities array of permitted actions available to agent user type by default
351 * @returns {array} The filtered array of permitted actions
352 */
353 return apply_filters('latepoint_roles_get_default_capabilities_list_for_agent_role', $capabilities);
354 }
355
356 public static function get_all_available_actions_list(){
357 $actions = [
358 'agent__view', 'agent__delete' ,'agent__create', 'agent__edit' ,
359 'service__view', 'service__delete' ,'service__create', 'service__edit' ,
360 'bundle__view', 'bundle__delete' ,'bundle__create', 'bundle__edit' ,
361 'location__view', 'location__delete' ,'location__create', 'location__edit' ,
362 'booking__view', 'booking__delete' ,'booking__create', 'booking__edit' ,
363 'customer__view', 'customer__delete' ,'customer__create', 'customer__edit' ,
364 'transaction__view', 'transaction__delete' ,'transaction__create', 'transaction__edit' ,
365 'invoice__view', 'invoice__delete' ,'invoice__create', 'invoice__edit' ,
366 'activity__view', 'activity__delete' ,'activity__create', 'activity__edit' ,
367 'chat__edit', 'resource_schedule__edit', 'settings__edit', 'connection__edit'
368 ];
369
370 /**
371 * All available actions to be attached to a user role
372 *
373 * @since 4.7.0
374 * @hook latepoint_roles_get_all_available_actions_list
375 *
376 * @param {array} $actions array of actions that can be attached to a user role
377 * @returns {array} The filtered array of actions
378 */
379 return apply_filters('latepoint_roles_get_all_available_actions_list', $actions);
380 }
381
382 /**
383 * @param \LatePoint\Misc\Role $role
384 * @return \LatePoint\Misc\User[]
385 */
386 public static function get_users_for_role(\LatePoint\Misc\Role $role): array{
387 $users = [];
388 $wp_users = [];
389 switch($role->user_type){
390 case LATEPOINT_USER_TYPE_ADMIN:
391 $wp_users = get_users(['role__in' => LATEPOINT_WP_ADMIN_ROLE]);
392 break;
393 case LATEPOINT_USER_TYPE_AGENT:
394 $wp_users = get_users(['role' => LATEPOINT_WP_AGENT_ROLE]);
395 break;
396 case LATEPOINT_USER_TYPE_CUSTOM:
397 if($role->wp_role) $wp_users = get_users(['role' => $role->wp_role]);
398 break;
399 }
400 foreach($wp_users as $wp_user){
401 $users[] = \LatePoint\Misc\User::load_from_wp_user($wp_user);
402 }
403 return $users;
404 }
405
406 public static function get_user_roles($user): array {
407 return [];
408 }
409
410 /**
411 * Checks if currently logged in user has certain capabilities
412 *
413 * @param array|string $capabilities array or string of capabilities that you want to check if logged in user has or not
414 * @return bool
415 */
416 public static function can_user($capabilities) :bool{
417 if (OsAuthHelper::get_current_user()) {
418 return OsAuthHelper::get_current_user()->has_capability( $capabilities );
419 }
420
421 return false;
422 }
423
424 public static function get_allowed_records(string $model_type, $load_from_db = false){
425 return OsAuthHelper::get_current_user()->get_allowed_records($model_type, $load_from_db);
426 }
427
428 public static function are_all_records_allowed(string $model_type = '', $load_from_db = false): bool{
429 return OsAuthHelper::get_current_user()->are_all_records_allowed($model_type, $load_from_db);
430 }
431
432 /*
433 * Pass filter object or an array of arguments for a query to be filtered based on what logged in user is allowed to access
434 */
435 public static function filter_allowed_records_from_arguments_or_filter($args_or_filter){
436 $model_types = ['agent', 'location', 'service'];
437 foreach($model_types as $model_type){
438 if(!OsAuthHelper::get_current_user()->are_all_records_allowed($model_type)){
439 $prop = $model_type.'_id';
440
441 // get value that needs to be filtered by allowed records
442 $value = ($args_or_filter instanceof \LatePoint\Misc\Filter) ? $args_or_filter->$prop ?? [] : $args_or_filter[$prop] ?? [];
443
444 if(empty($value)){
445 // no value is set - limit it to allowed records
446 $value = OsAuthHelper::get_current_user()->get_allowed_records($model_type);
447 }else{
448 // value is set - make sure it's in the allowed records list, if not - set to allowed records
449 $allowed_from_set = array_intersect(is_array($value) ? $value : [$value], OsAuthHelper::get_current_user()->get_allowed_records($model_type));
450 $value = empty($allowed_from_set) ? OsAuthHelper::get_current_user()->get_allowed_records($model_type) : $allowed_from_set;
451 }
452 if($args_or_filter instanceof \LatePoint\Misc\Filter){
453 $args_or_filter->$prop = $value;
454 }elseif(is_array($args_or_filter)){
455 $args_or_filter[$prop] = $value;
456 }
457 }
458 }
459 return $args_or_filter;
460 }
461 }