PluginProbe ʕ •ᴥ•ʔ
Appointment Booking Plugin – LatePoint | Calendar & Scheduling for WordPress / 5.2.2
Appointment Booking Plugin – LatePoint | Calendar & Scheduling for WordPress v5.2.2
5.6.8 5.6.7 5.6.6 5.6.5 5.6.4 5.6.3 5.6.2 5.6.1 5.6.0 5.5.2 5.5.1 5.5.0 5.4.2 trunk 5.1.0 5.1.1 5.1.2 5.1.3 5.1.4 5.1.5 5.1.6 5.1.7 5.1.8 5.1.9 5.1.91 5.1.92 5.1.93 5.1.94 5.2.0 5.2.1 5.2.10 5.2.11 5.2.2 5.2.3 5.2.4 5.2.5 5.2.6 5.2.7 5.2.8 5.2.9 5.3.0 5.3.1 5.3.2 5.4.0 5.4.1
latepoint / lib / helpers / roles_helper.php
latepoint / lib / helpers Last commit date
activities_helper.php 1 year ago agent_helper.php 1 year ago auth_helper.php 9 months ago blocks_helper.php 1 year ago booking_helper.php 1 year ago bricks_helper.php 1 year ago bundles_helper.php 1 year ago calendar_helper.php 9 months ago carts_helper.php 1 year ago connector_helper.php 1 year ago csv_helper.php 9 months ago customer_helper.php 9 months ago customer_import_helper.php 9 months ago database_helper.php 9 months ago debug_helper.php 1 year ago defaults_helper.php 1 year ago elementor_helper.php 1 year ago email_helper.php 9 months ago encrypt_helper.php 1 year ago events_helper.php 1 year ago form_helper.php 9 months ago icalendar_helper.php 1 year ago image_helper.php 1 year ago invoices_helper.php 9 months ago license_helper.php 1 year ago location_helper.php 1 year ago marketing_systems_helper.php 1 year ago meeting_systems_helper.php 1 year ago menu_helper.php 9 months ago meta_helper.php 1 year ago migrations_helper.php 1 year ago money_helper.php 1 year ago notifications_helper.php 9 months ago order_intent_helper.php 9 months ago orders_helper.php 1 year ago otp_helper.php 9 months ago pages_helper.php 1 year ago params_helper.php 1 year ago payments_helper.php 1 year ago price_breakdown_helper.php 1 year ago process_jobs_helper.php 1 year ago processes_helper.php 1 year ago replacer_helper.php 1 year ago resource_helper.php 1 year ago roles_helper.php 9 months ago router_helper.php 1 year ago service_helper.php 1 year ago sessions_helper.php 1 year ago settings_helper.php 9 months ago short_links_systems_helper.php 9 months ago shortcodes_helper.php 9 months ago sms_helper.php 1 year ago steps_helper.php 9 months ago stripe_connect_helper.php 9 months ago styles_helper.php 9 months ago support_topics_helper.php 1 year ago time_helper.php 9 months ago timeline_helper.php 9 months ago transaction_helper.php 1 year ago transaction_intent_helper.php 1 year ago util_helper.php 9 months ago version_specific_updates_helper.php 9 months ago whatsapp_helper.php 1 year ago work_periods_helper.php 1 year ago wp_datetime.php 1 year ago wp_user_helper.php 1 year ago
roles_helper.php
506 lines
1 <?php
2 /*
3 * Copyright (c) 2023 LatePoint LLC. All rights reserved.
4 */
5
6 class OsRolesHelper {
7 public static array $capabilities_for_controllers;
8
9 public static function get_capabilities_for_all_controllers(){
10 if(isset(self::$capabilities_for_controllers)) return self::$capabilities_for_controllers;
11 $capabilities = include(LATEPOINT_CONFIG_ABSPATH . 'capabilities_for_controllers.php');
12
13 /**
14 * Get array of capabilities for all controllers
15 *
16 * @since 4.7.0
17 * @hook latepoint_capabilities_for_controllers
18 *
19 * @param {array} $capabilities array of controllers with their default and per action capablities
20 * @returns {array} The filtered array of controllers with capability information
21 */
22 self::$capabilities_for_controllers = apply_filters('latepoint_capabilities_for_controllers', $capabilities);
23 return self::$capabilities_for_controllers;
24 }
25
26 public static function build_capability_name_from_model_action(string $model_class, string $action): string{
27 $capability_names_for_models = [
28 'OsActivityModel' => 'activity',
29 'OsAgentModel' => 'agent',
30 'OsAgentMetaModel' => 'agent',
31 'OsOrderModel' => 'booking',
32 'OsOrderIntentModel' => 'booking',
33 'OsOrderMetaModel' => 'booking',
34 'OsBookingModel' => 'booking',
35 'OsBookingMetaModel' => 'booking',
36 'OsConnectorModel' => 'connection',
37 'OsCustomerModel' => 'customer',
38 'OsCustomerMetaModel' => 'customer',
39 'OsLocationModel' => 'location',
40 'OsLocationCategoryModel' => 'location',
41 'OsServiceModel' => 'service',
42 'OsServiceExtraModel' => 'service',
43 'OsServiceMetaModel' => 'service',
44 'OsBundleModel' => 'bundle',
45 'OsServiceCategoryModel' => 'service',
46 'OsTransactionModel' => 'transaction',
47 'OsInvoiceModel' => 'invoice',
48 'OsProcessJobModel' => 'settings',
49 'OsStepSettingsModel' => 'settings',
50 'OsProcessModel' => 'settings',
51 'OsSettingsModel' => 'settings',
52 'OsWorkPeriodModel' => 'settings',
53 ];
54 /**
55 * Get array of key => value connections between model name and capability name
56 *
57 * @since 4.7.0
58 * @hook latepoint_capability_names_for_models
59 *
60 * @param {array} $capability_names_for_models array of key => value pairs of model name => capability name
61 * @returns {array} The filtered array of value pairs
62 */
63 $capability_names_for_models = apply_filters('latepoint_capability_names_for_models', $capability_names_for_models);
64 if(isset($capability_names_for_models[$model_class])){
65 $capability = $capability_names_for_models[$model_class].'__'.$action;
66 $all_actions = self::get_all_available_actions_list();
67 if(in_array($capability, $all_actions)){
68 return $capability;
69 }else{
70 $capability = $capability_names_for_models[$model_class].'__edit';
71 if(in_array($capability, $all_actions)) return $capability;
72 }
73 }
74 return '';
75 }
76
77 public static function can_user_make_action_on_model_record(OsModel $model, string $action){
78 if(OsAuthHelper::get_current_user()->backend_user_type == LATEPOINT_USER_TYPE_ADMIN) return true; // admins are allowed to do everything
79
80 // check if customer is logged in and tries to edit records that belong to them
81 if(OsAuthHelper::is_customer_logged_in()){
82 // if it's customer - they can edit their customer record and also their bookings
83 if($model instanceof OsBookingModel && $model->customer_id == OsAuthHelper::get_logged_in_customer_id()){
84 return true;
85 }
86 if($model instanceof OsCustomerModel && $model->id == OsAuthHelper::get_logged_in_customer_id()){
87 return true;
88 }
89 }
90 // if customer is not logged in or logged in customer doesn't have rights to access this record, check if backend user has
91 if(self::can_user_perform_model_action(get_class($model), $action)){
92 switch(get_class($model)){
93 case 'OsBookingModel':
94 if(OsAuthHelper::get_current_user()->are_all_records_allowed('agent')) return true;
95 $allowed_ids = OsAuthHelper::get_current_user()->get_allowed_records('agent');
96 if($allowed_ids && in_array($model->agent_id, $allowed_ids)) return true;
97 break;
98 case 'OsCustomerModel':
99 // check if this customer has any bookings with allowed agents
100 if(OsAuthHelper::get_current_user()->are_all_records_allowed('agent')) return true;
101 $allowed_ids = OsAuthHelper::get_current_user()->get_allowed_records('agent');
102 $bookings = new OsBookingModel();
103 if($allowed_ids){
104 if($allowed_ids && in_array($model->agent_id, $allowed_ids)) return true;
105 $has_bookings_with_allowed_agents = $bookings->select('id')->where(['agent_id' => $allowed_ids, 'customer_id' => $model->id])->set_limit(1)->get_results();
106 if(!empty($has_bookings_with_allowed_agents)){
107 return true;
108 }
109 }
110 break;
111 }
112 }
113 return false;
114 }
115
116 public static function can_user_perform_model_action(string $model_class, string $action): bool{
117 $capability = self::build_capability_name_from_model_action($model_class, $action);
118 $can = !empty($capability) ? self::can_user($capability) : true;
119 return $can;
120 }
121
122 /**
123 *
124 * Get capabilities required to access specific action of the controller
125 *
126 * @param string $controller_name class name of the controller
127 * @param string $action action name
128 * @return array
129 */
130 public static function get_capabilities_required_for_controller_action(string $controller_name, string $action): array{
131 $required_capabilities = ['settings__edit']; // default capabilities, if not set on controller/action level
132
133 $capabilities_for_controllers = self::get_capabilities_for_all_controllers();
134
135 if(isset($capabilities_for_controllers[$controller_name])){
136 // try to get capabilities that are specific for action, if not get default for controller
137 if(isset($capabilities_for_controllers[$controller_name]['per_action'][$action])){
138 $required_capabilities = $capabilities_for_controllers[$controller_name]['per_action'][$action];
139 }elseif(isset($capabilities_for_controllers[$controller_name]['default'])){
140 $required_capabilities = $capabilities_for_controllers[$controller_name]['default'];
141 }
142 }
143 /**
144 * Get array of capabilities required to access controller's action
145 *
146 * @since 4.7.0
147 * @hook latepoint_get_capabilities_for_controller_action
148 *
149 * @param {array} $required_capabilities array of required capabilities
150 * @returns {array} The filtered array of required capabilities
151 */
152 return apply_filters('latepoint_get_capabilities_for_controller_action', $required_capabilities, $controller_name, $action);
153 }
154
155 public static function save_capabilities_list_for_agent_role(array $capabilities){
156 return OsSettingsHelper::save_setting_by_name('agent_role_capabilities', wp_json_encode($capabilities));
157 }
158
159 public static function get_capabilities_list_for_agent_role(){
160 $capabilities = json_decode(OsSettingsHelper::get_settings_value('agent_role_capabilities', ''), true);
161 if(empty($capabilities)) $capabilities = self::get_default_capabilities_list_for_agent_role();
162 /**
163 * Get array of permitted actions for agent role
164 *
165 * @since 4.7.0
166 * @hook latepoint_get_capabilities_list_for_agent_role
167 *
168 * @param {array} $capabilities array of actions permitted to admin user type
169 * @returns {array} The filtered array of permitted actions
170 */
171 return apply_filters('latepoint_get_capabilities_list_for_agent_role', $capabilities);
172 }
173
174
175 public static function get_all_available_actions_list_grouped(){
176 $actions = self::get_all_available_actions_list();
177 $groups = [];
178 foreach($actions as $action){
179 $object = explode('__', $action);
180 $groups[$object[0]][] = $object[1];
181 }
182 return $groups;
183 }
184
185 public static function save_from_params(array $role_params){
186 $role = \LatePoint\Misc\Role::generate_from_params($role_params);
187 if(empty($role->wp_role)) return new WP_Error('invalid_wp_role', __('WP Role invalid', 'latepoint'));
188 switch($role->user_type){
189 case LATEPOINT_USER_TYPE_AGENT:
190 if(self::save_capabilities_list_for_agent_role($role->get_capabilities())){
191 return true;
192 }else{
193 return new WP_Error('error_saving_role', __('WP Agent role can not be saved', 'latepoint'));
194 }
195 break;
196 case LATEPOINT_USER_TYPE_CUSTOM:
197 $roles = self::get_custom_roles();
198 $roles[$role->wp_role] = $role->as_array_to_save();
199 if(OsSettingsHelper::save_setting_by_name('custom_roles', wp_json_encode($roles))){
200 // register in WP (it's ok to register it on every save, we remove it first and then add, to make sure display name is updated)
201 $role->register_in_wp();
202 return true;
203 }else{
204 return new WP_Error('error_saving_role', __('WP Role can not be saved', 'latepoint'));
205 }
206 break;
207 default:
208 return new WP_Error('invalid_role_type', __('Invalid role type', 'latepoint'));
209 break;
210 }
211 }
212
213 public static function get_wp_roles_list($remove_admins = true) : array{
214 // this makes sure that the default customer role is created, before showing a list of roles
215 OsSettingsHelper::get_default_wp_role_for_new_customers();
216
217 global $wp_roles;
218
219
220
221 if (!isset($wp_roles)) {
222 $wp_roles = new WP_Roles();
223 }
224
225 $roles = $wp_roles->get_names();
226
227 if($remove_admins){
228 unset($roles['administrator']);
229 unset($roles['editor']);
230 unset($roles['shop_manager']);
231 unset($roles['sc_shop_manager']);
232 }
233
234 /**
235 * List of WP roles that you can assign to a new customer
236 *
237 * @since 5.2.0
238 * @hook latepoint_wp_roles_list_for_customer
239 *
240 * @param {array} $roles list of roles in array
241 * @param {array} $remove_admins whether to remove admin roles or not
242 * @returns {array} The filtered list of roles
243 */
244 return apply_filters('latepoint_wp_roles_list_for_customer', $roles, $remove_admins);
245
246 }
247
248
249 public static function register_customer_role(){
250 // Register Customer Role
251 add_role( LATEPOINT_WP_CUSTOMER_ROLE, __('LatePoint Customer', 'latepoint'), array( 'read' => true ) );
252 }
253
254 public static function register_roles_in_wp(){
255 // Register Agent Role
256 $role = \LatePoint\Misc\Role::get_from_wp_role(LATEPOINT_WP_AGENT_ROLE);
257 $role->register_in_wp();
258
259 self::register_customer_role();
260
261
262 // Register Custom Roles
263 $custom_roles = self::get_custom_roles(true);
264 if($custom_roles){
265 foreach($custom_roles as $custom_role){
266 $custom_role->register_in_wp();
267 }
268 }
269 }
270
271 public static function get_model_types_for_allowed_records(){
272 return ['agent', 'service', 'location'];
273 }
274
275
276 public static function generate_role_id(){
277 return 'role_'.OsUtilHelper::random_text('alnum', 8);
278 }
279
280 public static function get_custom_roles($as_objects = false): array{
281 $roles = json_decode(\OsSettingsHelper::get_settings_value('custom_roles', ''), true) ?? [];
282 if($as_objects){
283 $roles_objects = [];
284 foreach($roles as $role_params){
285 $roles_objects[$role_params['wp_role']] = \LatePoint\Misc\Role::generate_from_params($role_params);
286 }
287 return $roles_objects;
288 }else{
289 return $roles;
290 }
291 }
292
293 public static function save_custom_roles(array $roles){
294 return \OsSettingsHelper::save_setting_by_name('custom_roles', wp_json_encode($roles));
295 }
296
297 public static function delete(string $wp_role): bool{
298 // can't delete default roles (admin and agent)
299 if(in_array($wp_role, [LATEPOINT_WP_ADMIN_ROLE, LATEPOINT_WP_AGENT_ROLE])) return false;
300 // get all custom roles to make sure the one that needs to be deleted is custom role
301 $custom_roles = self::get_custom_roles();
302 if(isset($custom_roles[$wp_role])){
303 unset($custom_roles[$wp_role]);
304 self::save_custom_roles($custom_roles);
305 remove_role($wp_role);
306 }
307 return true;
308 }
309
310 public static function get_default_roles(): array{
311 $roles = [];
312
313 $roles[] = new \LatePoint\Misc\Role(LATEPOINT_USER_TYPE_ADMIN);
314 $roles[] = new \LatePoint\Misc\Role(LATEPOINT_USER_TYPE_AGENT);
315
316 return $roles;
317 }
318
319 public static function description_for_action($action_code){
320 $action_descriptions = [
321 'resource_schedule' => __('Edit custom schedule of individual agent, location or service.', 'latepoint'),
322 'settings' => __('Access to all settings pages, including general schedule and booking steps.', 'latepoint'),
323 'connection' => __('Ability to connect agents to services and locations.', 'latepoint'),
324 'chat' => __('Ability to send messages to customers (available with chat addon).', 'latepoint'),
325 ];
326
327 /**
328 * List of detailed descriptions for available actions
329 *
330 * @since 4.7.2
331 * @hook latepoint_roles_action_descriptions
332 *
333 * @param {array} $action_descriptions Array of descriptions for available actions
334 * @param {string} $action_code Programmatic code of the action being filtered
335 * @returns {array} The filtered array of action descriptions
336 */
337 $action_descriptions = apply_filters('latepoint_roles_action_descriptions', $action_descriptions, $action_code);
338 return $action_descriptions[$action_code] ?? '';
339 }
340
341 public static function name_for_action($action_code){
342 $action_names = [
343 'chat' => __('Chat', 'latepoint'),
344 'activity' => __('Activity Logs', 'latepoint'),
345 'agent' => __('Agents', 'latepoint'),
346 'service' => __('Services', 'latepoint'),
347 'bundle' => __('Bundle', 'latepoint'),
348 'location' => __('Locations', 'latepoint'),
349 'booking' => __('Bookings & Orders', 'latepoint'),
350 'customer' => __('Customers', 'latepoint'),
351 'transaction' => __('Payments', 'latepoint'),
352 'invoice' => __('Invoice', 'latepoint'),
353 'order' => __('Order', 'latepoint'),
354 'resource_schedule' => __('Resource Schedules', 'latepoint'),
355 'settings' => __('Settings', 'latepoint'),
356 'connection' => __('Connections', 'latepoint'),
357 'edit' => __('Edit', 'latepoint'),
358 'delete' => __('Delete', 'latepoint'),
359 'view' => __('View', 'latepoint'),
360 'create' => __('Create', 'latepoint'),
361 ];
362
363 /**
364 * List of human-friendly names for available actions
365 *
366 * @since 4.7.2
367 * @hook latepoint_roles_action_names
368 *
369 * @param {array} $action_names Array of names for available actions
370 * @param {string} $action_code Programmatic code of the action being filtered
371 * @returns {array} The filtered array of action names
372 */
373 $action_names = apply_filters('latepoint_roles_action_names', $action_names, $action_code);
374 return $action_names[$action_code] ?? $action_code;
375 }
376
377 public static function get_default_capabilities_list_for_agent_role(){
378 $capabilities = [
379 'agent__view', 'agent__edit' ,
380 'booking__view', 'booking__delete' ,'booking__create', 'booking__edit',
381 'customer__view', 'customer__delete' ,'customer__create', 'customer__edit',
382 'transaction__view', 'transaction__delete' ,'transaction__create', 'transaction__edit',
383 'invoice__view', 'invoice__delete' ,'invoice__create', 'invoice__edit',
384 'activity__view', 'activity__delete' ,'activity__create', 'activity__edit',
385 'chat__edit', 'resource_schedule__edit'
386 ];
387
388 /**
389 * Default list of permitted actions available for agent user type
390 *
391 * @since 4.7.0
392 * @hook latepoint_roles_get_default_capabilities_list_for_agent_role
393 *
394 * @param {array} $capabilities array of permitted actions available to agent user type by default
395 * @returns {array} The filtered array of permitted actions
396 */
397 return apply_filters('latepoint_roles_get_default_capabilities_list_for_agent_role', $capabilities);
398 }
399
400 public static function get_all_available_actions_list(){
401 $actions = [
402 'agent__view', 'agent__delete' ,'agent__create', 'agent__edit' ,
403 'service__view', 'service__delete' ,'service__create', 'service__edit' ,
404 'bundle__view', 'bundle__delete' ,'bundle__create', 'bundle__edit' ,
405 'location__view', 'location__delete' ,'location__create', 'location__edit' ,
406 'service_extra__view', 'service_extra__delete' ,'service_extra__create', 'service_extra__edit' ,
407 'booking__view', 'booking__delete' ,'booking__create', 'booking__edit' ,
408 'customer__view', 'customer__delete' ,'customer__create', 'customer__edit' ,
409 'transaction__view', 'transaction__delete' ,'transaction__create', 'transaction__edit' ,
410 'invoice__view', 'invoice__delete' ,'invoice__create', 'invoice__edit' ,
411 'activity__view', 'activity__delete' ,'activity__create', 'activity__edit' ,
412 'chat__edit', 'resource_schedule__edit', 'settings__edit', 'connection__edit'
413 ];
414
415 /**
416 * All available actions to be attached to a user role
417 *
418 * @since 4.7.0
419 * @hook latepoint_roles_get_all_available_actions_list
420 *
421 * @param {array} $actions array of actions that can be attached to a user role
422 * @returns {array} The filtered array of actions
423 */
424 return apply_filters('latepoint_roles_get_all_available_actions_list', $actions);
425 }
426
427 /**
428 * @param \LatePoint\Misc\Role $role
429 * @return \LatePoint\Misc\User[]
430 */
431 public static function get_users_for_role(\LatePoint\Misc\Role $role): array{
432 $users = [];
433 $wp_users = [];
434 switch($role->user_type){
435 case LATEPOINT_USER_TYPE_ADMIN:
436 $wp_users = get_users(['role__in' => LATEPOINT_WP_ADMIN_ROLE]);
437 break;
438 case LATEPOINT_USER_TYPE_AGENT:
439 $wp_users = get_users(['role' => LATEPOINT_WP_AGENT_ROLE]);
440 break;
441 case LATEPOINT_USER_TYPE_CUSTOM:
442 if($role->wp_role) $wp_users = get_users(['role' => $role->wp_role]);
443 break;
444 }
445 foreach($wp_users as $wp_user){
446 $users[] = \LatePoint\Misc\User::load_from_wp_user($wp_user);
447 }
448 return $users;
449 }
450
451 public static function get_user_roles($user): array {
452 return [];
453 }
454
455 /**
456 * Checks if currently logged in user has certain capabilities
457 *
458 * @param array|string $capabilities array or string of capabilities that you want to check if logged in user has or not
459 * @return bool
460 */
461 public static function can_user($capabilities) :bool{
462 if (OsAuthHelper::get_current_user()) {
463 return OsAuthHelper::get_current_user()->has_capability( $capabilities );
464 }
465
466 return false;
467 }
468
469 public static function get_allowed_records(string $model_type, $load_from_db = false){
470 return OsAuthHelper::get_current_user()->get_allowed_records($model_type, $load_from_db);
471 }
472
473 public static function are_all_records_allowed(string $model_type = '', $load_from_db = false): bool{
474 return OsAuthHelper::get_current_user()->are_all_records_allowed($model_type, $load_from_db);
475 }
476
477 /*
478 * Pass filter object or an array of arguments for a query to be filtered based on what logged in user is allowed to access
479 */
480 public static function filter_allowed_records_from_arguments_or_filter($args_or_filter){
481 $model_types = ['agent', 'location', 'service'];
482 foreach($model_types as $model_type){
483 if(!OsAuthHelper::get_current_user()->are_all_records_allowed($model_type)){
484 $prop = $model_type.'_id';
485
486 // get value that needs to be filtered by allowed records
487 $value = ($args_or_filter instanceof \LatePoint\Misc\Filter) ? $args_or_filter->$prop ?? [] : $args_or_filter[$prop] ?? [];
488
489 if(empty($value)){
490 // no value is set - limit it to allowed records
491 $value = OsAuthHelper::get_current_user()->get_allowed_records($model_type);
492 }else{
493 // value is set - make sure it's in the allowed records list, if not - set to allowed records
494 $allowed_from_set = array_intersect(is_array($value) ? $value : [$value], OsAuthHelper::get_current_user()->get_allowed_records($model_type));
495 $value = empty($allowed_from_set) ? OsAuthHelper::get_current_user()->get_allowed_records($model_type) : $allowed_from_set;
496 }
497 if($args_or_filter instanceof \LatePoint\Misc\Filter){
498 $args_or_filter->$prop = $value;
499 }elseif(is_array($args_or_filter)){
500 $args_or_filter[$prop] = $value;
501 }
502 }
503 }
504 return $args_or_filter;
505 }
506 }