diff --git a/includes/class-hvac-access-control.php b/includes/class-hvac-access-control.php index 2bb9f474..8172dd09 100644 --- a/includes/class-hvac-access-control.php +++ b/includes/class-hvac-access-control.php @@ -186,17 +186,17 @@ class HVAC_Access_Control { wp_safe_redirect( $login_url ); exit; } - + $user_id = get_current_user_id(); $user = wp_get_current_user(); - - // Allow administrators full access - if ( current_user_can( 'manage_options' ) ) { + + // Allow administrators and master trainers full access + if ( current_user_can( 'manage_options' ) || in_array( 'hvac_master_trainer', $user->roles ) ) { return; } - + // Check if user has trainer role - if ( ! in_array( 'hvac_trainer', $user->roles ) && ! in_array( 'hvac_master_trainer', $user->roles ) ) { + if ( ! in_array( 'hvac_trainer', $user->roles ) ) { // Not a trainer, show access denied $this->show_access_denied(); return; diff --git a/includes/class-hvac-shortcodes.php b/includes/class-hvac-shortcodes.php index 5e1b470c..0532b403 100644 --- a/includes/class-hvac-shortcodes.php +++ b/includes/class-hvac-shortcodes.php @@ -311,7 +311,7 @@ class HVAC_Shortcodes { } $user = wp_get_current_user(); - if (!array_intersect(['hvac_trainer', 'hvac_master_trainer'], $user->roles)) { + if (!array_intersect(['hvac_trainer', 'hvac_master_trainer'], $user->roles) && !current_user_can('manage_options')) { return '

' . __('You must be a trainer to create events.', 'hvac-community-events') . '

'; } @@ -964,7 +964,7 @@ class HVAC_Shortcodes { } $user = wp_get_current_user(); - if (!array_intersect(['hvac_trainer', 'hvac_master_trainer'], $user->roles)) { + if (!array_intersect(['hvac_trainer', 'hvac_master_trainer'], $user->roles) && !current_user_can('manage_options')) { wp_send_json_error('Insufficient permissions'); return; } diff --git a/templates/page-hvac-form.php b/templates/page-hvac-form.php index 2bf52d69..9afe9dbf 100644 --- a/templates/page-hvac-form.php +++ b/templates/page-hvac-form.php @@ -43,7 +43,7 @@ if ($show_navigation && !is_user_logged_in()) { if ($show_navigation) { $user = wp_get_current_user(); - if (!array_intersect(['hvac_trainer', 'hvac_master_trainer'], $user->roles)) { + if (!array_intersect(['hvac_trainer', 'hvac_master_trainer'], $user->roles) && !current_user_can('manage_options')) { wp_die(__('Access denied. Trainer role required.', 'hvac-community-events')); } } diff --git a/templates/page-manage-event.php b/templates/page-manage-event.php index 969c1ee7..555ab02c 100644 --- a/templates/page-manage-event.php +++ b/templates/page-manage-event.php @@ -13,9 +13,9 @@ if (!is_user_logged_in()) { exit; } -// Check user roles +// Check user roles - allow trainers, master trainers, and administrators $user = wp_get_current_user(); -if (!array_intersect(['hvac_trainer', 'hvac_master_trainer'], $user->roles)) { +if (!array_intersect(['hvac_trainer', 'hvac_master_trainer'], $user->roles) && !current_user_can('manage_options')) { wp_die(__('Access denied. Trainer role required.', 'hvac-community-events')); } @@ -35,6 +35,3 @@ if (defined('WP_DEBUG') && WP_DEBUG) { // Perform the redirect wp_safe_redirect($redirect_url, 301); exit; - -