PluginProbe ʕ •ᴥ•ʔ
LatePoint – Calendar Booking Plugin for Appointments and Events / trunk
LatePoint – Calendar Booking Plugin for Appointments and Events vtrunk
5.6.5 5.6.4 5.6.3 5.6.2 5.6.1 5.6.0 5.5.2 5.5.1 5.5.0 5.4.2 trunk 5.1.0 5.1.1 5.1.2 5.1.3 5.1.4 5.1.5 5.1.6 5.1.7 5.1.8 5.1.9 5.1.91 5.1.92 5.1.93 5.1.94 5.2.0 5.2.1 5.2.10 5.2.11 5.2.2 5.2.3 5.2.4 5.2.5 5.2.6 5.2.7 5.2.8 5.2.9 5.3.0 5.3.1 5.3.2 5.4.0 5.4.1
latepoint / lib / abilities / abstract-ability.php
latepoint / lib / abilities Last commit date
activities 3 months ago agents 3 months ago analytics 3 months ago bookings 2 days ago calendar 3 months ago configs 3 months ago customers 2 days ago locations 3 months ago orders 3 months ago services 3 months ago abstract-ability.php 2 days ago class-latepoint-abilities.php 2 weeks ago
abstract-ability.php
151 lines
1 <?php
2 /**
3 * Abstract base class for all LatePoint abilities.
4 *
5 * @package LatePoint\Abilities
6 * @since 5.3.0
7 */
8
9 if ( ! defined( 'ABSPATH' ) ) {
10 exit;
11 }
12
13 abstract class LatePointAbstractAbility {
14
15 protected string $id;
16 protected string $category = 'latepoint';
17 protected string $label = '';
18 protected string $description = '';
19 protected string $permission = 'manage_options';
20 protected bool $read_only = true;
21 protected bool $destructive = false;
22 protected bool $idempotent = false;
23
24 public function __construct() {
25 $this->configure();
26 }
27
28 /**
29 * Set $id, $label, $description, $permission, $read_only, $destructive.
30 */
31 abstract protected function configure(): void;
32
33 abstract public function get_input_schema(): array;
34
35 abstract public function get_output_schema(): array;
36
37 /**
38 * @param array $args
39 * @return array|\WP_Error
40 */
41 abstract public function execute( array $args );
42
43 public function get_id(): string {
44 return $this->id;
45 }
46
47 public function is_read_only(): bool {
48 return $this->read_only;
49 }
50
51 public function is_destructive(): bool {
52 return $this->destructive;
53 }
54
55 public function check_permission(): bool {
56 // Master gate. In case the ability was registered
57 // while the master toggle was on but has since been disabled.
58 if ( ! OsSettingsHelper::is_on( 'latepoint_abilities_api' ) ) {
59 return false;
60 }
61 if ( $this->destructive && ! OsSettingsHelper::is_on( 'latepoint_abilities_api_delete' ) ) {
62 return false;
63 }
64 if ( ! $this->read_only && ! $this->destructive
65 && ! OsSettingsHelper::is_on( 'latepoint_abilities_api_edit' ) ) {
66 return false;
67 }
68
69 return OsRolesHelper::can_user( $this->permission );
70 }
71
72 public function to_definition(): array {
73 return [
74 'label' => $this->label,
75 'description' => $this->description,
76 'category' => $this->category,
77 'permission_callback' => [ $this, 'check_permission' ],
78 'input_schema' => $this->get_input_schema(),
79 'output_schema' => $this->get_output_schema(),
80 'execute_callback' => [ $this, 'execute' ],
81 'meta' => $this->build_meta(),
82 ];
83 }
84
85 protected function build_meta(): array {
86
87 // Default annotations, normally read-only
88 $annotations = [
89 'readOnlyHint' => $this->read_only,
90 'idempotentHint' => $this->idempotent,
91 'destructiveHint' => false,
92 'priority' => $this->read_only ? 1.0 : 2.0,
93 ];
94
95 // Destructive overrides everything.
96 if ( $this->destructive ) {
97 $annotations['readOnlyHint'] = false;
98 $annotations['destructiveHint'] = true;
99 $annotations['priority'] = 3.0;
100 }
101
102 $meta = [
103 'annotations' => $annotations,
104 'show_in_rest' => true,
105 'mcp' => [
106 'public' => true,
107 'type' => 'tool',
108 ],
109 ];
110
111 return $meta;
112 }
113
114 /**
115 * Per-record ownership/scope check. Returns WP_Error (403) when the current
116 * user is not allowed to act on this specific record. Admins always pass.
117 *
118 * @param OsModel $model
119 * @param string $action one of 'view' | 'edit' | 'delete'
120 * @return true|\WP_Error
121 */
122 protected function authorize_record( OsModel $model, string $action ) {
123 if ( ! OsRolesHelper::can_user_make_action_on_model_record( $model, $action ) ) {
124 return new WP_Error(
125 'forbidden',
126 __( 'You are not allowed to access this record.', 'latepoint' ),
127 [ 'status' => 403 ]
128 );
129 }
130 return true;
131 }
132
133 protected static function pagination(): array {
134 return [
135 'page' => [
136 'type' => 'integer',
137 'default' => 1,
138 'minimum' => 1,
139 'description' => __( 'Page number.', 'latepoint' ),
140 ],
141 'per_page' => [
142 'type' => 'integer',
143 'default' => 20,
144 'minimum' => 1,
145 'maximum' => 100,
146 'description' => __( 'Items per page.', 'latepoint' ),
147 ],
148 ];
149 }
150 }
151