From 7b66e504fcc6952072d462334322e72dbf4644ae Mon Sep 17 00:00:00 2001 From: Paul Ryley <134939+pryley@users.noreply.github.com> Date: Wed, 23 Oct 2024 22:39:30 -0500 Subject: [PATCH] UM reviews tab permissions --- config/integrations/ultimatemember.php | 53 ++++++++++++++++--- .../Controllers/DirectoryController.php | 4 +- .../Controllers/ProfileController.php | 37 +++++++++++-- plugin/Integrations/UltimateMember/Hooks.php | 4 +- tests/phpstan/stubs/ultimate-member.php | 23 ++++++++ 5 files changed, 108 insertions(+), 13 deletions(-) diff --git a/config/integrations/ultimatemember.php b/config/integrations/ultimatemember.php index 4c8af147..c490a05e 100644 --- a/config/integrations/ultimatemember.php +++ b/config/integrations/ultimatemember.php @@ -1,13 +1,18 @@ [ 'default' => 'no', 'label' => _x('Enable Integration?', 'admin-text', 'site-reviews'), 'sanitizer' => 'text', - 'tooltip' => sprintf(_x('This will enable the Ultimate Member integration with Site Reviews.', 'admin-text', 'site-reviews'), - sprintf('%s', glsr_admin_url('tools', 'general'), _x('Import Reviews', 'admin-text', 'site-reviews')) - ), + 'tooltip' => _x('This will enable the Ultimate Member integration with Site Reviews.', 'admin-text', 'site-reviews'), 'type' => 'yes_no', ], 'settings.integrations.ultimatemember.display_directory_ratings' => [ @@ -17,7 +22,7 @@ ], 'label' => _x('Display Directory Ratings?', 'admin-text', 'site-reviews'), 'sanitizer' => 'text', - 'tooltip' => _x('This will display the rating of each person in the Member Directory.', 'admin-text', 'site-reviews'), + 'tooltip' => _x('This will display the average rating of each person in the Member Directory.', 'admin-text', 'site-reviews'), 'type' => 'yes_no', ], 'settings.integrations.ultimatemember.display_empty' => [ @@ -67,7 +72,7 @@ 'label' => _x('Summary Shortcode', 'admin-text', 'site-reviews'), 'placeholder' => '[site_reviews_summary assigned_users="profile_id"]', 'sanitizer' => 'text', - 'tooltip' => _x('Enter the rating summary shortcode used on the profile page', 'admin-text', 'site-reviews'), + 'tooltip' => _x('Enter the rating summary shortcode used on the member profile page', 'admin-text', 'site-reviews'), 'type' => 'text', ], 'settings.integrations.ultimatemember.reviews' => [ @@ -80,7 +85,7 @@ 'label' => _x('Reviews Shortcode', 'admin-text', 'site-reviews'), 'placeholder' => '[site_reviews assigned_users="profile_id" hide="assigned_links" pagination="loadmore" id="user_reviews"]', 'sanitizer' => 'text', - 'tooltip' => _x('Enter the latest reviews shortcode used on the profile page', 'admin-text', 'site-reviews'), + 'tooltip' => _x('Enter the latest reviews shortcode used on the member profile page', 'admin-text', 'site-reviews'), 'type' => 'text', ], 'settings.integrations.ultimatemember.form' => [ @@ -93,7 +98,41 @@ 'label' => _x('Form Shortcode', 'admin-text', 'site-reviews'), 'placeholder' => '[site_reviews_form assigned_users="profile_id" hide="name,email,images"]', 'sanitizer' => 'text', - 'tooltip' => _x('Enter the form shortcode used on the profile page', 'admin-text', 'site-reviews'), + 'tooltip' => _x('Enter the form shortcode used on the member profile page', 'admin-text', 'site-reviews'), 'type' => 'text', ], + 'settings.integrations.ultimatemember.reviews_tab_visibility' => [ + 'class' => 'regular-text', + 'default' => '', + 'depends_on' => [ + 'settings.integrations.ultimatemember.enabled' => ['yes'], + 'settings.integrations.ultimatemember.display_reviews_tab' => ['yes'], + ], + 'label' => _x('Reviews Tab Visibility', 'admin-text', 'site-reviews'), + 'options' => [ + '' => _x('Anyone', 'admin-text', 'site-reviews'), + 'guest' => _x('Only Guests', 'admin-text', 'site-reviews'), + 'member' => _x('Only Members', 'admin-text', 'site-reviews'), + 'roles' => _x('Only Specific Roles', 'admin-text', 'site-reviews'), + 'owner' => _x('Only the Profile Owner', 'admin-text', 'site-reviews'), + 'owner_roles' => _x('Only the Profile Owner and Specific Roles', 'admin-text', 'site-reviews'), + ], + 'sanitizer' => 'text', + 'tooltip' => _x('Choose who can view the reviews tab on member profiles.', 'admin-text', 'site-reviews'), + 'type' => 'select', + ], + 'settings.integrations.ultimatemember.reviews_tab_roles' => [ + 'class' => 'regular-grid', + 'default' => ['administrator'], + 'depends_on' => [ + 'settings.integrations.ultimatemember.enabled' => ['yes'], + 'settings.integrations.ultimatemember.display_reviews_tab' => ['yes'], + 'settings.integrations.ultimatemember.reviews_tab_visibility' => ['owner_roles', 'roles'], + ], + 'label' => _x('Reviews Tab Visibility Roles', 'admin-text', 'site-reviews'), + 'options' => $roles, + 'sanitizer' => 'array-string', + 'tooltip' => _x('Choose which user roles are allowed to view the reviews tab on member profiles.', 'admin-text', 'site-reviews'), + 'type' => 'checkbox', + ], ]; diff --git a/plugin/Integrations/UltimateMember/Controllers/DirectoryController.php b/plugin/Integrations/UltimateMember/Controllers/DirectoryController.php index 1db401f9..ccde02f1 100644 --- a/plugin/Integrations/UltimateMember/Controllers/DirectoryController.php +++ b/plugin/Integrations/UltimateMember/Controllers/DirectoryController.php @@ -113,10 +113,10 @@ public function modifyQuerySortby($query, $directoryData, $sortby): void ? CountManager::META_RANKING : CountManager::META_AVERAGE; $query->joins[] = glsr(Query::class)->sql( - "LEFT JOIN table|usermeta AS glsr_user_meta ON (glsr_user_meta.user_id = u.ID AND glsr_user_meta.meta_key = %s)", + "LEFT JOIN table|usermeta AS glsr_usermeta ON (glsr_usermeta.user_id = u.ID AND glsr_usermeta.meta_key = %s)", $sortKey ); - $query->sql_order = " ORDER BY CAST(glsr_user_meta.meta_value AS SIGNED) {$order}, u.user_registered DESC"; + $query->sql_order = " ORDER BY CAST(glsr_usermeta.meta_value AS SIGNED) {$order}, u.user_registered DESC"; } /** diff --git a/plugin/Integrations/UltimateMember/Controllers/ProfileController.php b/plugin/Integrations/UltimateMember/Controllers/ProfileController.php index 1c85bfe6..1df01612 100644 --- a/plugin/Integrations/UltimateMember/Controllers/ProfileController.php +++ b/plugin/Integrations/UltimateMember/Controllers/ProfileController.php @@ -15,7 +15,7 @@ class ProfileController extends AbstractController */ public function filterInlineScript(string $javascript): string { - if (!um_is_core_page('user')) { + if (!$this->hasVisibilityPermission()) { return $javascript; } return $javascript.'document.addEventListener("DOMContentLoaded", () => {'. @@ -33,7 +33,7 @@ public function filterInlineScript(string $javascript): string */ public function filterProfileTabs(array $tabs): array { - if (!glsr_get_option('integrations.ultimatemember.display_reviews_tab', false, 'bool')) { + if (!$this->hasVisibilityPermission()) { return $tabs; } $tabs['user_reviews'] = [ @@ -113,7 +113,7 @@ public function filterSummaryTextValue(string $value, TagContract $tag): string */ public function renderReviewsTab(): void { - if (!glsr_get_option('integrations.ultimatemember.display_reviews_tab', false, 'bool')) { + if (!$this->hasVisibilityPermission()) { return; } glsr(Template::class)->render('templates/ultimatemember/reviews', [ @@ -125,6 +125,37 @@ public function renderReviewsTab(): void ]); } + protected function hasVisibilityPermission(): bool + { + if (!glsr_get_option('integrations.ultimatemember.display_reviews_tab', false, 'bool')) { + return false; + } + if (!um_is_core_page('user')) { + return false; + } + $roles = glsr_get_option('integrations.ultimatemember.reviews_tab_roles'); + $visibility = glsr_get_option('integrations.ultimatemember.reviews_tab_visibility'); + $user = wp_get_current_user(); + $userHasRole = !empty(array_intersect($roles, (array) $user->roles)); + $userIsOwner = $user->ID === um_get_requested_user(); + if ('guest' === $visibility && $user->ID) { + return false; + } + if ('member' === $visibility && !$user->ID) { + return false; + } + if ('owner' === $visibility && !$userIsOwner) { + return false; + } + if ('roles' === $visibility && !$userHasRole) { + return false; + } + if ('owner_roles' === $visibility && !$userIsOwner && !$userHasRole) { + return false; + } + return true; + } + protected function shortcodeForm(): string { if (!is_user_logged_in()) { diff --git a/plugin/Integrations/UltimateMember/Hooks.php b/plugin/Integrations/UltimateMember/Hooks.php index 70288a2b..f94ce4c5 100644 --- a/plugin/Integrations/UltimateMember/Hooks.php +++ b/plugin/Integrations/UltimateMember/Hooks.php @@ -55,6 +55,8 @@ protected function isInstalled(): bool { return function_exists('UM') && function_exists('um_get_default_avatar_uri') - && function_exists('um_get_requested_user'); + && function_exists('um_get_requested_user') + && function_exists('um_is_core_page') + && function_exists('um_user_profile_url'); } } diff --git a/tests/phpstan/stubs/ultimate-member.php b/tests/phpstan/stubs/ultimate-member.php index fab7551d..d73949cf 100644 --- a/tests/phpstan/stubs/ultimate-member.php +++ b/tests/phpstan/stubs/ultimate-member.php @@ -138,4 +138,27 @@ function um_get_default_avatar_uri() function um_get_requested_user() { } + /** + * Check if we are on a UM Core Page or not + * + * Default um core pages slugs + * 'user', 'login', 'register', 'members', 'logout', 'account', 'password-reset' + * + * @param string $page UM core page slug + * + * @return bool + */ + function um_is_core_page($page) + { + } + /** + * Display a link to profile page + * + * @param int|bool $user_id + * + * @return bool|string + */ + function um_user_profile_url($user_id = false) + { + } }