PluginProbe ʕ •ᴥ•ʔ
LatePoint – Calendar Booking Plugin for Appointments and Events / 5.2.11
LatePoint – Calendar Booking Plugin for Appointments and Events v5.2.11
5.6.6 5.6.5 5.6.4 5.6.3 5.6.2 5.6.1 5.6.0 5.5.2 5.5.1 5.5.0 5.4.2 trunk 5.1.0 5.1.1 5.1.2 5.1.3 5.1.4 5.1.5 5.1.6 5.1.7 5.1.8 5.1.9 5.1.91 5.1.92 5.1.93 5.1.94 5.2.0 5.2.1 5.2.10 5.2.11 5.2.2 5.2.3 5.2.4 5.2.5 5.2.6 5.2.7 5.2.8 5.2.9 5.3.0 5.3.1 5.3.2 5.4.0 5.4.1
latepoint / lib / helpers / roles_helper.php
latepoint / lib / helpers Last commit date
activities_helper.php 3 months ago agent_helper.php 3 months ago analytics_helper.php 4 months ago auth_helper.php 3 months ago blocks_helper.php 3 months ago booking_helper.php 3 months ago bricks_helper.php 3 months ago bundles_helper.php 3 months ago calendar_helper.php 3 months ago carts_helper.php 3 months ago connector_helper.php 3 months ago csv_helper.php 3 months ago customer_helper.php 3 months ago customer_import_helper.php 3 months ago database_helper.php 3 months ago debug_helper.php 3 months ago defaults_helper.php 3 months ago elementor_helper.php 3 months ago email_helper.php 3 months ago encrypt_helper.php 3 months ago events_helper.php 3 months ago form_helper.php 3 months ago icalendar_helper.php 3 months ago image_helper.php 3 months ago invoices_helper.php 3 months ago license_helper.php 3 months ago location_helper.php 3 months ago marketing_systems_helper.php 3 months ago meeting_systems_helper.php 3 months ago menu_helper.php 3 months ago meta_helper.php 3 months ago migrations_helper.php 3 months ago money_helper.php 3 months ago notifications_helper.php 3 months ago nps_survey_helper.php 3 months ago order_intent_helper.php 3 months ago orders_helper.php 3 months ago otp_helper.php 3 months ago pages_helper.php 3 months ago params_helper.php 3 months ago payments_helper.php 3 months ago price_breakdown_helper.php 3 months ago process_jobs_helper.php 3 months ago processes_helper.php 3 months ago replacer_helper.php 3 months ago resource_helper.php 3 months ago roles_helper.php 3 months ago router_helper.php 3 months ago service_helper.php 3 months ago sessions_helper.php 3 months ago settings_helper.php 3 months ago short_links_systems_helper.php 3 months ago shortcodes_helper.php 3 months ago sms_helper.php 3 months ago steps_helper.php 3 months ago stripe_connect_helper.php 3 months ago styles_helper.php 3 months ago support_topics_helper.php 3 months ago time_helper.php 3 months ago timeline_helper.php 3 months ago transaction_helper.php 3 months ago transaction_intent_helper.php 3 months ago util_helper.php 3 months ago version_specific_updates_helper.php 3 months ago whatsapp_helper.php 3 months ago work_periods_helper.php 3 months ago wp_datetime.php 3 months ago wp_user_helper.php 3 months ago
roles_helper.php
583 lines
1 <?php
2 /*
3 * Copyright (c) 2023 LatePoint LLC. All rights reserved.
4 */
5
6 class OsRolesHelper {
7 public static array $capabilities_for_controllers;
8
9 public static function get_capabilities_for_all_controllers() {
10 if ( isset( self::$capabilities_for_controllers ) ) {
11 return self::$capabilities_for_controllers;
12 }
13 $capabilities = include LATEPOINT_CONFIG_ABSPATH . 'capabilities_for_controllers.php';
14
15 /**
16 * Get array of capabilities for all controllers
17 *
18 * @since 4.7.0
19 * @hook latepoint_capabilities_for_controllers
20 *
21 * @param {array} $capabilities array of controllers with their default and per action capablities
22 * @returns {array} The filtered array of controllers with capability information
23 */
24 self::$capabilities_for_controllers = apply_filters( 'latepoint_capabilities_for_controllers', $capabilities );
25 return self::$capabilities_for_controllers;
26 }
27
28 public static function build_capability_name_from_model_action( string $model_class, string $action ): string {
29 $capability_names_for_models = [
30 'OsActivityModel' => 'activity',
31 'OsAgentModel' => 'agent',
32 'OsAgentMetaModel' => 'agent',
33 'OsOrderModel' => 'booking',
34 'OsOrderIntentModel' => 'booking',
35 'OsOrderMetaModel' => 'booking',
36 'OsBookingModel' => 'booking',
37 'OsBookingMetaModel' => 'booking',
38 'OsConnectorModel' => 'connection',
39 'OsCustomerModel' => 'customer',
40 'OsCustomerMetaModel' => 'customer',
41 'OsLocationModel' => 'location',
42 'OsLocationCategoryModel' => 'location',
43 'OsServiceModel' => 'service',
44 'OsServiceExtraModel' => 'service',
45 'OsServiceMetaModel' => 'service',
46 'OsBundleModel' => 'bundle',
47 'OsServiceCategoryModel' => 'service',
48 'OsTransactionModel' => 'transaction',
49 'OsInvoiceModel' => 'invoice',
50 'OsProcessJobModel' => 'settings',
51 'OsStepSettingsModel' => 'settings',
52 'OsProcessModel' => 'settings',
53 'OsSettingsModel' => 'settings',
54 'OsWorkPeriodModel' => 'settings',
55 ];
56 /**
57 * Get array of key => value connections between model name and capability name
58 *
59 * @since 4.7.0
60 * @hook latepoint_capability_names_for_models
61 *
62 * @param {array} $capability_names_for_models array of key => value pairs of model name => capability name
63 * @returns {array} The filtered array of value pairs
64 */
65 $capability_names_for_models = apply_filters( 'latepoint_capability_names_for_models', $capability_names_for_models );
66 if ( isset( $capability_names_for_models[ $model_class ] ) ) {
67 $capability = $capability_names_for_models[ $model_class ] . '__' . $action;
68 $all_actions = self::get_all_available_actions_list();
69 if ( in_array( $capability, $all_actions ) ) {
70 return $capability;
71 } else {
72 $capability = $capability_names_for_models[ $model_class ] . '__edit';
73 if ( in_array( $capability, $all_actions ) ) {
74 return $capability;
75 }
76 }
77 }
78 return '';
79 }
80
81 public static function can_user_make_action_on_model_record( OsModel $model, string $action ) {
82 if ( OsAuthHelper::get_current_user()->backend_user_type == LATEPOINT_USER_TYPE_ADMIN ) {
83 return true; // admins are allowed to do everything
84 }
85
86 // check if customer is logged in and tries to edit records that belong to them
87 if ( OsAuthHelper::is_customer_logged_in() ) {
88 // if it's customer - they can edit their customer record and also their bookings
89 if ( $model instanceof OsBookingModel && $model->customer_id == OsAuthHelper::get_logged_in_customer_id() ) {
90 return true;
91 }
92 if ( $model instanceof OsCustomerModel && $model->id == OsAuthHelper::get_logged_in_customer_id() ) {
93 return true;
94 }
95 }
96 // if customer is not logged in or logged in customer doesn't have rights to access this record, check if backend user has
97 if ( self::can_user_perform_model_action( get_class( $model ), $action ) ) {
98 switch ( get_class( $model ) ) {
99 case 'OsBookingModel':
100 if ( OsAuthHelper::get_current_user()->are_all_records_allowed( 'agent' ) ) {
101 return true;
102 }
103 $allowed_ids = OsAuthHelper::get_current_user()->get_allowed_records( 'agent' );
104 if ( $allowed_ids && in_array( $model->agent_id, $allowed_ids ) ) {
105 return true;
106 }
107 break;
108 case 'OsCustomerModel':
109 // check if this customer has any bookings with allowed agents
110 if ( OsAuthHelper::get_current_user()->are_all_records_allowed( 'agent' ) ) {
111 return true;
112 }
113 $allowed_ids = OsAuthHelper::get_current_user()->get_allowed_records( 'agent' );
114 $bookings = new OsBookingModel();
115 if ( $allowed_ids ) {
116 if ( $allowed_ids && in_array( $model->agent_id, $allowed_ids ) ) {
117 return true;
118 }
119 $has_bookings_with_allowed_agents = $bookings->select( 'id' )->where(
120 [
121 'agent_id' => $allowed_ids,
122 'customer_id' => $model->id,
123 ]
124 )->set_limit( 1 )->get_results();
125 if ( ! empty( $has_bookings_with_allowed_agents ) ) {
126 return true;
127 }
128 }
129 break;
130 }
131 }
132 return false;
133 }
134
135 public static function can_user_perform_model_action( string $model_class, string $action ): bool {
136 $capability = self::build_capability_name_from_model_action( $model_class, $action );
137 $can = ! empty( $capability ) ? self::can_user( $capability ) : true;
138 return $can;
139 }
140
141 /**
142 *
143 * Get capabilities required to access specific action of the controller
144 *
145 * @param string $controller_name class name of the controller
146 * @param string $action action name
147 * @return array
148 */
149 public static function get_capabilities_required_for_controller_action( string $controller_name, string $action ): array {
150 $required_capabilities = [ 'settings__edit' ]; // default capabilities, if not set on controller/action level
151
152 $capabilities_for_controllers = self::get_capabilities_for_all_controllers();
153
154 if ( isset( $capabilities_for_controllers[ $controller_name ] ) ) {
155 // try to get capabilities that are specific for action, if not get default for controller
156 if ( isset( $capabilities_for_controllers[ $controller_name ]['per_action'][ $action ] ) ) {
157 $required_capabilities = $capabilities_for_controllers[ $controller_name ]['per_action'][ $action ];
158 } elseif ( isset( $capabilities_for_controllers[ $controller_name ]['default'] ) ) {
159 $required_capabilities = $capabilities_for_controllers[ $controller_name ]['default'];
160 }
161 }
162 /**
163 * Get array of capabilities required to access controller's action
164 *
165 * @since 4.7.0
166 * @hook latepoint_get_capabilities_for_controller_action
167 *
168 * @param {array} $required_capabilities array of required capabilities
169 * @returns {array} The filtered array of required capabilities
170 */
171 return apply_filters( 'latepoint_get_capabilities_for_controller_action', $required_capabilities, $controller_name, $action );
172 }
173
174 public static function save_capabilities_list_for_agent_role( array $capabilities ) {
175 return OsSettingsHelper::save_setting_by_name( 'agent_role_capabilities', wp_json_encode( $capabilities ) );
176 }
177
178 public static function get_capabilities_list_for_agent_role() {
179 $capabilities = json_decode( OsSettingsHelper::get_settings_value( 'agent_role_capabilities', '' ), true );
180 if ( empty( $capabilities ) ) {
181 $capabilities = self::get_default_capabilities_list_for_agent_role();
182 }
183 /**
184 * Get array of permitted actions for agent role
185 *
186 * @since 4.7.0
187 * @hook latepoint_get_capabilities_list_for_agent_role
188 *
189 * @param {array} $capabilities array of actions permitted to admin user type
190 * @returns {array} The filtered array of permitted actions
191 */
192 return apply_filters( 'latepoint_get_capabilities_list_for_agent_role', $capabilities );
193 }
194
195
196 public static function get_all_available_actions_list_grouped() {
197 $actions = self::get_all_available_actions_list();
198 $groups = [];
199 foreach ( $actions as $action ) {
200 $object = explode( '__', $action );
201 $groups[ $object[0] ][] = $object[1];
202 }
203 return $groups;
204 }
205
206 public static function save_from_params( array $role_params ) {
207 $role = \LatePoint\Misc\Role::generate_from_params( $role_params );
208 if ( empty( $role->wp_role ) ) {
209 return new WP_Error( 'invalid_wp_role', __( 'WP Role invalid', 'latepoint' ) );
210 }
211 switch ( $role->user_type ) {
212 case LATEPOINT_USER_TYPE_AGENT:
213 if ( self::save_capabilities_list_for_agent_role( $role->get_capabilities() ) ) {
214 return true;
215 } else {
216 return new WP_Error( 'error_saving_role', __( 'WP Agent role can not be saved', 'latepoint' ) );
217 }
218 break;
219 case LATEPOINT_USER_TYPE_CUSTOM:
220 $roles = self::get_custom_roles();
221 $roles[ $role->wp_role ] = $role->as_array_to_save();
222 if ( OsSettingsHelper::save_setting_by_name( 'custom_roles', wp_json_encode( $roles ) ) ) {
223 // register in WP (it's ok to register it on every save, we remove it first and then add, to make sure display name is updated)
224 $role->register_in_wp();
225 return true;
226 } else {
227 return new WP_Error( 'error_saving_role', __( 'WP Role can not be saved', 'latepoint' ) );
228 }
229 break;
230 default:
231 return new WP_Error( 'invalid_role_type', __( 'Invalid role type', 'latepoint' ) );
232 break;
233 }
234 }
235
236 public static function get_wp_roles_list( $remove_admins = true ): array {
237 // this makes sure that the default customer role is created, before showing a list of roles
238 OsSettingsHelper::get_default_wp_role_for_new_customers();
239
240 global $wp_roles;
241
242
243
244 if ( ! isset( $wp_roles ) ) {
245 $wp_roles = new WP_Roles();
246 }
247
248 $roles = $wp_roles->get_names();
249
250 if ( $remove_admins ) {
251 unset( $roles['administrator'] );
252 unset( $roles['editor'] );
253 unset( $roles['shop_manager'] );
254 unset( $roles['sc_shop_manager'] );
255 }
256
257 /**
258 * List of WP roles that you can assign to a new customer
259 *
260 * @since 5.2.0
261 * @hook latepoint_wp_roles_list_for_customer
262 *
263 * @param {array} $roles list of roles in array
264 * @param {array} $remove_admins whether to remove admin roles or not
265 * @returns {array} The filtered list of roles
266 */
267 return apply_filters( 'latepoint_wp_roles_list_for_customer', $roles, $remove_admins );
268 }
269
270
271 public static function register_customer_role() {
272 // Register Customer Role
273 add_role( LATEPOINT_WP_CUSTOMER_ROLE, __( 'LatePoint Customer', 'latepoint' ), array( 'read' => true ) );
274 }
275
276 public static function register_roles_in_wp() {
277 // Register Agent Role
278 $role = \LatePoint\Misc\Role::get_from_wp_role( LATEPOINT_WP_AGENT_ROLE );
279 $role->register_in_wp();
280
281 self::register_customer_role();
282
283
284 // Register Custom Roles
285 $custom_roles = self::get_custom_roles( true );
286 if ( $custom_roles ) {
287 foreach ( $custom_roles as $custom_role ) {
288 $custom_role->register_in_wp();
289 }
290 }
291 }
292
293 public static function get_model_types_for_allowed_records() {
294 return [ 'agent', 'service', 'location' ];
295 }
296
297
298 public static function generate_role_id() {
299 return strtolower( 'role_' . OsUtilHelper::random_text( 'alnum', 8 ) );
300 }
301
302 public static function get_custom_roles( $as_objects = false ): array {
303 $roles = json_decode( \OsSettingsHelper::get_settings_value( 'custom_roles', '' ), true ) ?? [];
304 if ( $as_objects ) {
305 $roles_objects = [];
306 foreach ( $roles as $role_params ) {
307 $roles_objects[ $role_params['wp_role'] ] = \LatePoint\Misc\Role::generate_from_params( $role_params );
308 }
309 return $roles_objects;
310 } else {
311 return $roles;
312 }
313 }
314
315 public static function save_custom_roles( array $roles ) {
316 return \OsSettingsHelper::save_setting_by_name( 'custom_roles', wp_json_encode( $roles ) );
317 }
318
319 public static function delete( string $wp_role ): bool {
320 // can't delete default roles (admin and agent)
321 if ( in_array( $wp_role, [ LATEPOINT_WP_ADMIN_ROLE, LATEPOINT_WP_AGENT_ROLE ] ) ) {
322 return false;
323 }
324 // get all custom roles to make sure the one that needs to be deleted is custom role
325 $custom_roles = self::get_custom_roles();
326 if ( isset( $custom_roles[ $wp_role ] ) ) {
327 unset( $custom_roles[ $wp_role ] );
328 self::save_custom_roles( $custom_roles );
329 remove_role( $wp_role );
330 }
331 return true;
332 }
333
334 public static function get_default_roles(): array {
335 $roles = [];
336
337 $roles[] = new \LatePoint\Misc\Role( LATEPOINT_USER_TYPE_ADMIN );
338 $roles[] = new \LatePoint\Misc\Role( LATEPOINT_USER_TYPE_AGENT );
339
340 return $roles;
341 }
342
343 public static function description_for_action( $action_code ) {
344 $action_descriptions = [
345 'resource_schedule' => __( 'Edit custom schedule of individual agent, location or service.', 'latepoint' ),
346 'settings' => __( 'Access to all settings pages, including general schedule and booking steps.', 'latepoint' ),
347 'connection' => __( 'Ability to connect agents to services and locations.', 'latepoint' ),
348 'chat' => __( 'Ability to send messages to customers (available with chat addon).', 'latepoint' ),
349 ];
350
351 /**
352 * List of detailed descriptions for available actions
353 *
354 * @since 4.7.2
355 * @hook latepoint_roles_action_descriptions
356 *
357 * @param {array} $action_descriptions Array of descriptions for available actions
358 * @param {string} $action_code Programmatic code of the action being filtered
359 * @returns {array} The filtered array of action descriptions
360 */
361 $action_descriptions = apply_filters( 'latepoint_roles_action_descriptions', $action_descriptions, $action_code );
362 return $action_descriptions[ $action_code ] ?? '';
363 }
364
365 public static function name_for_action( $action_code ) {
366 $action_names = [
367 'chat' => __( 'Chat', 'latepoint' ),
368 'activity' => __( 'Activity Logs', 'latepoint' ),
369 'agent' => __( 'Agents', 'latepoint' ),
370 'service' => __( 'Services', 'latepoint' ),
371 'bundle' => __( 'Bundle', 'latepoint' ),
372 'location' => __( 'Locations', 'latepoint' ),
373 'booking' => __( 'Bookings & Orders', 'latepoint' ),
374 'customer' => __( 'Customers', 'latepoint' ),
375 'transaction' => __( 'Payments', 'latepoint' ),
376 'invoice' => __( 'Invoice', 'latepoint' ),
377 'order' => __( 'Order', 'latepoint' ),
378 'resource_schedule' => __( 'Resource Schedules', 'latepoint' ),
379 'settings' => __( 'Settings', 'latepoint' ),
380 'connection' => __( 'Connections', 'latepoint' ),
381 'edit' => __( 'Edit', 'latepoint' ),
382 'delete' => __( 'Delete', 'latepoint' ),
383 'view' => __( 'View', 'latepoint' ),
384 'create' => __( 'Create', 'latepoint' ),
385 ];
386
387 /**
388 * List of human-friendly names for available actions
389 *
390 * @since 4.7.2
391 * @hook latepoint_roles_action_names
392 *
393 * @param {array} $action_names Array of names for available actions
394 * @param {string} $action_code Programmatic code of the action being filtered
395 * @returns {array} The filtered array of action names
396 */
397 $action_names = apply_filters( 'latepoint_roles_action_names', $action_names, $action_code );
398 return $action_names[ $action_code ] ?? $action_code;
399 }
400
401 public static function get_default_capabilities_list_for_agent_role() {
402 $capabilities = [
403 'agent__view',
404 'agent__edit' ,
405 'booking__view',
406 'booking__delete' ,
407 'booking__create',
408 'booking__edit',
409 'customer__view',
410 'customer__delete' ,
411 'customer__create',
412 'customer__edit',
413 'transaction__view',
414 'transaction__delete' ,
415 'transaction__create',
416 'transaction__edit',
417 'invoice__view',
418 'invoice__delete' ,
419 'invoice__create',
420 'invoice__edit',
421 'activity__view',
422 'activity__delete' ,
423 'activity__create',
424 'activity__edit',
425 'chat__edit',
426 'resource_schedule__edit',
427 ];
428
429 /**
430 * Default list of permitted actions available for agent user type
431 *
432 * @since 4.7.0
433 * @hook latepoint_roles_get_default_capabilities_list_for_agent_role
434 *
435 * @param {array} $capabilities array of permitted actions available to agent user type by default
436 * @returns {array} The filtered array of permitted actions
437 */
438 return apply_filters( 'latepoint_roles_get_default_capabilities_list_for_agent_role', $capabilities );
439 }
440
441 public static function get_all_available_actions_list() {
442 $actions = [
443 'agent__view',
444 'agent__delete' ,
445 'agent__create',
446 'agent__edit' ,
447 'service__view',
448 'service__delete' ,
449 'service__create',
450 'service__edit' ,
451 'bundle__view',
452 'bundle__delete' ,
453 'bundle__create',
454 'bundle__edit' ,
455 'location__view',
456 'location__delete' ,
457 'location__create',
458 'location__edit' ,
459 'service_extra__view',
460 'service_extra__delete' ,
461 'service_extra__create',
462 'service_extra__edit' ,
463 'booking__view',
464 'booking__delete' ,
465 'booking__create',
466 'booking__edit' ,
467 'customer__view',
468 'customer__delete' ,
469 'customer__create',
470 'customer__edit' ,
471 'transaction__view',
472 'transaction__delete' ,
473 'transaction__create',
474 'transaction__edit' ,
475 'invoice__view',
476 'invoice__delete' ,
477 'invoice__create',
478 'invoice__edit' ,
479 'activity__view',
480 'activity__delete' ,
481 'activity__create',
482 'activity__edit' ,
483 'chat__edit',
484 'resource_schedule__edit',
485 'settings__edit',
486 'connection__edit',
487 ];
488
489 /**
490 * All available actions to be attached to a user role
491 *
492 * @since 4.7.0
493 * @hook latepoint_roles_get_all_available_actions_list
494 *
495 * @param {array} $actions array of actions that can be attached to a user role
496 * @returns {array} The filtered array of actions
497 */
498 return apply_filters( 'latepoint_roles_get_all_available_actions_list', $actions );
499 }
500
501 /**
502 * @param \LatePoint\Misc\Role $role
503 * @return \LatePoint\Misc\User[]
504 */
505 public static function get_users_for_role( \LatePoint\Misc\Role $role ): array {
506 $users = [];
507 $wp_users = [];
508 switch ( $role->user_type ) {
509 case LATEPOINT_USER_TYPE_ADMIN:
510 $wp_users = get_users( [ 'role__in' => LATEPOINT_WP_ADMIN_ROLE ] );
511 break;
512 case LATEPOINT_USER_TYPE_AGENT:
513 $wp_users = get_users( [ 'role' => LATEPOINT_WP_AGENT_ROLE ] );
514 break;
515 case LATEPOINT_USER_TYPE_CUSTOM:
516 if ( $role->wp_role ) {
517 $wp_users = get_users( [ 'role' => $role->wp_role ] );
518 }
519 break;
520 }
521 foreach ( $wp_users as $wp_user ) {
522 $users[] = \LatePoint\Misc\User::load_from_wp_user( $wp_user );
523 }
524 return $users;
525 }
526
527 public static function get_user_roles( $user ): array {
528 return [];
529 }
530
531 /**
532 * Checks if currently logged in user has certain capabilities
533 *
534 * @param array|string $capabilities array or string of capabilities that you want to check if logged in user has or not
535 * @return bool
536 */
537 public static function can_user( $capabilities ): bool {
538 if ( OsAuthHelper::get_current_user() ) {
539 return OsAuthHelper::get_current_user()->has_capability( $capabilities );
540 }
541
542 return false;
543 }
544
545 public static function get_allowed_records( string $model_type, $load_from_db = false ) {
546 return OsAuthHelper::get_current_user()->get_allowed_records( $model_type, $load_from_db );
547 }
548
549 public static function are_all_records_allowed( string $model_type = '', $load_from_db = false ): bool {
550 return OsAuthHelper::get_current_user()->are_all_records_allowed( $model_type, $load_from_db );
551 }
552
553 /*
554 * Pass filter object or an array of arguments for a query to be filtered based on what logged in user is allowed to access
555 */
556 public static function filter_allowed_records_from_arguments_or_filter( $args_or_filter ) {
557 $model_types = [ 'agent', 'location', 'service' ];
558 foreach ( $model_types as $model_type ) {
559 if ( ! OsAuthHelper::get_current_user()->are_all_records_allowed( $model_type ) ) {
560 $prop = $model_type . '_id';
561
562 // get value that needs to be filtered by allowed records
563 $value = ( $args_or_filter instanceof \LatePoint\Misc\Filter ) ? $args_or_filter->$prop ?? [] : $args_or_filter[ $prop ] ?? [];
564
565 if ( empty( $value ) ) {
566 // no value is set - limit it to allowed records
567 $value = OsAuthHelper::get_current_user()->get_allowed_records( $model_type );
568 } else {
569 // value is set - make sure it's in the allowed records list, if not - set to allowed records
570 $allowed_from_set = array_intersect( is_array( $value ) ? $value : [ $value ], OsAuthHelper::get_current_user()->get_allowed_records( $model_type ) );
571 $value = empty( $allowed_from_set ) ? OsAuthHelper::get_current_user()->get_allowed_records( $model_type ) : $allowed_from_set;
572 }
573 if ( $args_or_filter instanceof \LatePoint\Misc\Filter ) {
574 $args_or_filter->$prop = $value;
575 } elseif ( is_array( $args_or_filter ) ) {
576 $args_or_filter[ $prop ] = $value;
577 }
578 }
579 }
580 return $args_or_filter;
581 }
582 }
583