UM reviews tab permissions

pryley · Oct 24, 2024 · 7b66e50 · 7b66e50
1 parent b64f943
commit 7b66e50
Show file tree

Hide file tree

Showing 5 changed files with 108 additions and 13 deletions.
diff --git a/config/integrations/ultimatemember.php b/config/integrations/ultimatemember.php
@@ -1,13 +1,18 @@
 <?php
 
+if (!function_exists('get_editable_roles')) {
+    require_once ABSPATH.'wp-admin/includes/user.php';
+}
+
+$roles = array_map('translate_user_role', wp_list_pluck(get_editable_roles(), 'name'));
+ksort($roles);
+
 return [ // order is intentional
     'settings.integrations.ultimatemember.enabled' => [
         'default' => 'no',
         'label' => _x('Enable Integration?', 'admin-text', 'site-reviews'),
         'sanitizer' => 'text',
-        'tooltip' => sprintf(_x('This will enable the Ultimate Member integration with Site Reviews.', 'admin-text', 'site-reviews'),
-            sprintf('<a data-expand="#tools-import-reviews" href="%s">%s</a>', glsr_admin_url('tools', 'general'), _x('Import Reviews', 'admin-text', 'site-reviews'))
-        ),
+        'tooltip' => _x('This will enable the Ultimate Member integration with Site Reviews.', 'admin-text', 'site-reviews'),
         'type' => 'yes_no',
     ],
     'settings.integrations.ultimatemember.display_directory_ratings' => [
@@ -17,7 +22,7 @@
         ],
         'label' => _x('Display Directory Ratings?', 'admin-text', 'site-reviews'),
         'sanitizer' => 'text',
-        'tooltip' => _x('This will display the rating of each person in the Member Directory.', 'admin-text', 'site-reviews'),
+        'tooltip' => _x('This will display the average rating of each person in the Member Directory.', 'admin-text', 'site-reviews'),
         'type' => 'yes_no',
     ],
     'settings.integrations.ultimatemember.display_empty' => [
@@ -67,7 +72,7 @@
         'label' => _x('Summary Shortcode', 'admin-text', 'site-reviews'),
         'placeholder' => '[site_reviews_summary assigned_users="profile_id"]',
         'sanitizer' => 'text',
-        'tooltip' => _x('Enter the rating summary shortcode used on the profile page', 'admin-text', 'site-reviews'),
+        'tooltip' => _x('Enter the rating summary shortcode used on the member profile page', 'admin-text', 'site-reviews'),
         'type' => 'text',
     ],
     'settings.integrations.ultimatemember.reviews' => [
@@ -80,7 +85,7 @@
         'label' => _x('Reviews Shortcode', 'admin-text', 'site-reviews'),
         'placeholder' => '[site_reviews assigned_users="profile_id" hide="assigned_links" pagination="loadmore" id="user_reviews"]',
         'sanitizer' => 'text',
-        'tooltip' => _x('Enter the latest reviews shortcode used on the profile page', 'admin-text', 'site-reviews'),
+        'tooltip' => _x('Enter the latest reviews shortcode used on the member profile page', 'admin-text', 'site-reviews'),
         'type' => 'text',
     ],
     'settings.integrations.ultimatemember.form' => [
@@ -93,7 +98,41 @@
         'label' => _x('Form Shortcode', 'admin-text', 'site-reviews'),
         'placeholder' => '[site_reviews_form assigned_users="profile_id" hide="name,email,images"]',
         'sanitizer' => 'text',
-        'tooltip' => _x('Enter the form shortcode used on the profile page', 'admin-text', 'site-reviews'),
+        'tooltip' => _x('Enter the form shortcode used on the member profile page', 'admin-text', 'site-reviews'),
         'type' => 'text',
     ],
+    'settings.integrations.ultimatemember.reviews_tab_visibility' => [
+        'class' => 'regular-text',
+        'default' => '',
+        'depends_on' => [
+            'settings.integrations.ultimatemember.enabled' => ['yes'],
+            'settings.integrations.ultimatemember.display_reviews_tab' => ['yes'],
+        ],
+        'label' => _x('Reviews Tab Visibility', 'admin-text', 'site-reviews'),
+        'options' => [
+            '' => _x('Anyone', 'admin-text', 'site-reviews'),
+            'guest' => _x('Only Guests', 'admin-text', 'site-reviews'),
+            'member' => _x('Only Members', 'admin-text', 'site-reviews'),
+            'roles' => _x('Only Specific Roles', 'admin-text', 'site-reviews'),
+            'owner' => _x('Only the Profile Owner', 'admin-text', 'site-reviews'),
+            'owner_roles' => _x('Only the Profile Owner and Specific Roles', 'admin-text', 'site-reviews'),
+        ],
+        'sanitizer' => 'text',
+        'tooltip' => _x('Choose who can view the reviews tab on member profiles.', 'admin-text', 'site-reviews'),
+        'type' => 'select',
+    ],
+    'settings.integrations.ultimatemember.reviews_tab_roles' => [
+        'class' => 'regular-grid',
+        'default' => ['administrator'],
+        'depends_on' => [
+            'settings.integrations.ultimatemember.enabled' => ['yes'],
+            'settings.integrations.ultimatemember.display_reviews_tab' => ['yes'],
+            'settings.integrations.ultimatemember.reviews_tab_visibility' => ['owner_roles', 'roles'],
+        ],
+        'label' => _x('Reviews Tab Visibility Roles', 'admin-text', 'site-reviews'),
+        'options' => $roles,
+        'sanitizer' => 'array-string',
+        'tooltip' => _x('Choose which user roles are allowed to view the reviews tab on member profiles.', 'admin-text', 'site-reviews'),
+        'type' => 'checkbox',
+    ],
 ];
diff --git a/plugin/Integrations/UltimateMember/Controllers/DirectoryController.php b/plugin/Integrations/UltimateMember/Controllers/DirectoryController.php
@@ -113,10 +113,10 @@ public function modifyQuerySortby($query, $directoryData, $sortby): void
             ? CountManager::META_RANKING
             : CountManager::META_AVERAGE;
         $query->joins[] = glsr(Query::class)->sql(
-            "LEFT JOIN table|usermeta AS glsr_user_meta ON (glsr_user_meta.user_id = u.ID AND glsr_user_meta.meta_key = %s)",
+            "LEFT JOIN table|usermeta AS glsr_usermeta ON (glsr_usermeta.user_id = u.ID AND glsr_usermeta.meta_key = %s)",
             $sortKey
         );
-        $query->sql_order = " ORDER BY CAST(glsr_user_meta.meta_value AS SIGNED) {$order}, u.user_registered DESC";
+        $query->sql_order = " ORDER BY CAST(glsr_usermeta.meta_value AS SIGNED) {$order}, u.user_registered DESC";
     }
 
     /**

diff --git a/plugin/Integrations/UltimateMember/Controllers/ProfileController.php b/plugin/Integrations/UltimateMember/Controllers/ProfileController.php
@@ -15,7 +15,7 @@ class ProfileController extends AbstractController
      */
     public function filterInlineScript(string $javascript): string
     {
-        if (!um_is_core_page('user')) {
+        if (!$this->hasVisibilityPermission()) {
             return $javascript;
         }
         return $javascript.'document.addEventListener("DOMContentLoaded", () => {'.
@@ -33,7 +33,7 @@ public function filterInlineScript(string $javascript): string
      */
     public function filterProfileTabs(array $tabs): array
     {
-        if (!glsr_get_option('integrations.ultimatemember.display_reviews_tab', false, 'bool')) {
+        if (!$this->hasVisibilityPermission()) {
             return $tabs;
         }
         $tabs['user_reviews'] = [
@@ -113,7 +113,7 @@ public function filterSummaryTextValue(string $value, TagContract $tag): string
      */
     public function renderReviewsTab(): void
     {
-        if (!glsr_get_option('integrations.ultimatemember.display_reviews_tab', false, 'bool')) {
+        if (!$this->hasVisibilityPermission()) {
             return;
         }
         glsr(Template::class)->render('templates/ultimatemember/reviews', [
@@ -125,6 +125,37 @@ public function renderReviewsTab(): void
         ]);
     }
 
+    protected function hasVisibilityPermission(): bool
+    {
+        if (!glsr_get_option('integrations.ultimatemember.display_reviews_tab', false, 'bool')) {
+            return false;
+        }
+        if (!um_is_core_page('user')) {
+            return false;
+        }
+        $roles = glsr_get_option('integrations.ultimatemember.reviews_tab_roles');
+        $visibility = glsr_get_option('integrations.ultimatemember.reviews_tab_visibility');
+        $user = wp_get_current_user();
+        $userHasRole = !empty(array_intersect($roles, (array) $user->roles));
+        $userIsOwner = $user->ID === um_get_requested_user();
+        if ('guest' === $visibility && $user->ID) {
+            return false;
+        }
+        if ('member' === $visibility && !$user->ID) {
+            return false;
+        }
+        if ('owner' === $visibility && !$userIsOwner) {
+            return false;
+        }
+        if ('roles' === $visibility && !$userHasRole) {
+            return false;
+        }
+        if ('owner_roles' === $visibility && !$userIsOwner && !$userHasRole) {
+            return false;
+        }
+        return true;
+    }
+
     protected function shortcodeForm(): string
     {
         if (!is_user_logged_in()) {

diff --git a/plugin/Integrations/UltimateMember/Hooks.php b/plugin/Integrations/UltimateMember/Hooks.php
@@ -55,6 +55,8 @@ protected function isInstalled(): bool
     {
         return function_exists('UM')
             && function_exists('um_get_default_avatar_uri')
-            && function_exists('um_get_requested_user');
+            && function_exists('um_get_requested_user')
+            && function_exists('um_is_core_page')
+            && function_exists('um_user_profile_url');
     }
 }
diff --git a/tests/phpstan/stubs/ultimate-member.php b/tests/phpstan/stubs/ultimate-member.php
@@ -138,4 +138,27 @@ function um_get_default_avatar_uri()
     function um_get_requested_user()
     {
     }
+    /**
+     * Check if we are on a UM Core Page or not
+     *
+     * Default um core pages slugs
+     * 'user', 'login', 'register', 'members', 'logout', 'account', 'password-reset'
+     *
+     * @param string $page UM core page slug
+     *
+     * @return bool
+     */
+    function um_is_core_page($page)
+    {
+    }
+    /**
+     * Display a link to profile page
+     *
+     * @param int|bool $user_id
+     *
+     * @return bool|string
+     */
+    function um_user_profile_url($user_id = false)
+    {
+    }
 }