Add authentication protection for master trainer pages
- Added master_trainer_pages array with protected master trainer pages - Created is_master_trainer_page() method to identify master trainer URLs - Implemented check_master_trainer_access() to require hvac_master_trainer role - Master trainer pages now redirect to login if not authenticated - Only users with hvac_master_trainer role can access these pages This ensures master trainer dashboard and tools are properly protected. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
parent
dcc1598e28
commit
5e9d122f5a
1 changed files with 65 additions and 0 deletions
|
|
@ -46,6 +46,15 @@ class HVAC_Access_Control {
|
||||||
'edit-profile',
|
'edit-profile',
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Pages that require master trainer role
|
||||||
|
*/
|
||||||
|
private static $master_trainer_pages = array(
|
||||||
|
'master-trainer/dashboard',
|
||||||
|
'master-trainer/certificate-fix',
|
||||||
|
'master-trainer/google-sheets',
|
||||||
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor
|
* Constructor
|
||||||
*/
|
*/
|
||||||
|
|
@ -76,6 +85,11 @@ class HVAC_Access_Control {
|
||||||
if ( $this->is_trainer_page( $current_path ) ) {
|
if ( $this->is_trainer_page( $current_path ) ) {
|
||||||
$this->check_trainer_access( $current_path );
|
$this->check_trainer_access( $current_path );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Check if this is a master trainer page
|
||||||
|
if ( $this->is_master_trainer_page( $current_path ) ) {
|
||||||
|
$this->check_master_trainer_access( $current_path );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -133,6 +147,27 @@ class HVAC_Access_Control {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if current page is a master trainer page
|
||||||
|
*
|
||||||
|
* @param string $path Current page path
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
private function is_master_trainer_page( $path ) {
|
||||||
|
foreach ( self::$master_trainer_pages as $master_page ) {
|
||||||
|
if ( $path === $master_page || strpos( $path, $master_page ) === 0 ) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Also check for pages that start with 'master-trainer/'
|
||||||
|
if ( strpos( $path, 'master-trainer/' ) === 0 ) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check trainer access to protected pages
|
* Check trainer access to protected pages
|
||||||
*
|
*
|
||||||
|
|
@ -198,6 +233,36 @@ class HVAC_Access_Control {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check master trainer access to protected pages
|
||||||
|
*
|
||||||
|
* @param string $path Current page path
|
||||||
|
*/
|
||||||
|
private function check_master_trainer_access( $path ) {
|
||||||
|
// First check if user is logged in
|
||||||
|
if ( ! is_user_logged_in() ) {
|
||||||
|
wp_safe_redirect( home_url( '/community-login/' ) );
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = wp_get_current_user();
|
||||||
|
|
||||||
|
// Allow administrators full access
|
||||||
|
if ( current_user_can( 'manage_options' ) ) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if user has master trainer role
|
||||||
|
if ( ! in_array( 'hvac_master_trainer', $user->roles ) ) {
|
||||||
|
// Not a master trainer, show access denied
|
||||||
|
$this->show_access_denied();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Master trainers have access to all their pages
|
||||||
|
// No need to check status for master trainers
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Show access denied page
|
* Show access denied page
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
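Review bot: In `is_master_trainer_page()` the gate is a case-sensitive prefix test on the path string, so it only protects these pages if `$current_path` is normalised the same way WordPress resolves the request; how `$current_path` is derived is outside the visible hunks and should be confirmed. As written, `strpos( $path, 'master-trainer/' ) === 0` does not match the bare parent path `master-trainer` once a trailing slash has been trimmed, and the loop over `$master_trainer_pages` is redundant because every listed entry already starts with that prefix. I would normalise first and cover the parent explicitly: `$path = strtolower( trim( $path, '/' ) );` then `if ( 'master-trainer' === $path || 0 === strpos( $path, 'master-trainer/' ) ) { return true; }`. In `check_master_trainer_access()` the denied branch returns right after `$this->show_access_denied();`, which blocks the page only if that method ends the request (its body is not shown here), so that is worth verifying. The role test should also be strict: `in_array( 'hvac_master_trainer', $user->roles, true )`.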