fix: Resolve redirect loop when WordPress admin accesses HVAC dashboard

- Updated dashboard template to show access denied message instead of redirect for non-authorized users
- Enhanced login handler to redirect admins to WP admin instead of causing loops
- Added view_hvac_dashboard capability to administrator role during plugin activation
- Improved access control logic to allow administrators to view dashboard
- Added proper cleanup of admin capabilities on plugin deactivation
- Prevents ERR_TOO_MANY_REDIRECTS when WordPress admin users try to access trainer dashboard

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
bengizmo 2025-05-22 15:59:33 -03:00
parent 45b8192715
commit a014a9d7f7
4 changed files with 114 additions and 9 deletions

View file

@ -164,6 +164,15 @@ function hvac_ce_create_required_pages() {
} else { } else {
HVAC_Logger::error('Failed to create hvac_trainer role.', 'Activation'); HVAC_Logger::error('Failed to create hvac_trainer role.', 'Activation');
} }
// Grant administrators access to dashboard to prevent redirect loops
$admin_access = $roles_manager->grant_admin_dashboard_access();
if ($admin_access) {
HVAC_Logger::info('Successfully granted admin dashboard access.', 'Activation');
} else {
HVAC_Logger::error('Failed to grant admin dashboard access.', 'Activation');
}
HVAC_Logger::info('Completed page creation and role setup process', 'Activation'); HVAC_Logger::info('Completed page creation and role setup process', 'Activation');
} // <<-- Brace moved here } // <<-- Brace moved here
@ -177,7 +186,8 @@ function hvac_ce_remove_roles() {
require_once HVAC_CE_PLUGIN_DIR . 'includes/class-hvac-roles.php'; require_once HVAC_CE_PLUGIN_DIR . 'includes/class-hvac-roles.php';
$roles_manager = new HVAC_Roles(); $roles_manager = new HVAC_Roles();
$roles_manager->remove_trainer_role(); $roles_manager->remove_trainer_role();
HVAC_Logger::info('Deactivation hook fired, attempted to remove hvac_trainer role.', 'Deactivation'); $roles_manager->revoke_admin_dashboard_access();
HVAC_Logger::info('Deactivation hook fired, removed hvac_trainer role and admin dashboard access.', 'Deactivation');
} }
register_deactivation_hook(__FILE__, 'hvac_ce_remove_roles'); register_deactivation_hook(__FILE__, 'hvac_ce_remove_roles');

View file

@ -86,6 +86,31 @@ class HVAC_Roles {
return $caps; return $caps;
} }
/**
* Grant administrators access to HVAC dashboard capabilities
* This prevents redirect loops when admins try to access the dashboard
*/
public function grant_admin_dashboard_access() {
$admin_role = get_role('administrator');
if ($admin_role) {
$admin_role->add_cap('view_hvac_dashboard');
$admin_role->add_cap('manage_hvac_events');
return true;
}
return false;
}
/**
* Remove HVAC dashboard capabilities from administrators
*/
public function revoke_admin_dashboard_access() {
$admin_role = get_role('administrator');
if ($admin_role) {
$admin_role->remove_cap('view_hvac_dashboard');
$admin_role->remove_cap('manage_hvac_events');
}
}
/** /**
* Check if current user has a specific HVAC trainer capability * Check if current user has a specific HVAC trainer capability
*/ */

View file

@ -168,10 +168,26 @@ class Login_Handler {
public function redirect_logged_in_user() { public function redirect_logged_in_user() {
// Check if we are on the custom login page (adjust slug if needed) // Check if we are on the custom login page (adjust slug if needed)
if ( is_page( 'community-login' ) && is_user_logged_in() ) { if ( is_page( 'community-login' ) && is_user_logged_in() ) {
// Redirect logged-in users to the dashboard // Get current user
$dashboard_url = home_url( '/hvac-dashboard/' ); $user = wp_get_current_user();
wp_safe_redirect( $dashboard_url );
exit; // Redirect based on user role/capabilities
if ( in_array( 'hvac_trainer', (array) $user->roles ) || current_user_can( 'view_hvac_dashboard' ) ) {
// HVAC trainers go to their dashboard
$dashboard_url = home_url( '/hvac-dashboard/' );
wp_safe_redirect( $dashboard_url );
exit;
} elseif ( current_user_can( 'manage_options' ) ) {
// Administrators can choose - redirect to WP admin or allow access to dashboard
// For now, let them stay on the login page with a message, or redirect to admin
$admin_url = admin_url();
wp_safe_redirect( $admin_url );
exit;
} else {
// Other logged-in users get redirected to home page
wp_safe_redirect( home_url() );
exit;
}
} }
} }

View file

@ -18,10 +18,64 @@ if ( ! defined( 'ABSPATH' ) ) {
// --- Security Check &amp; Data Loading --- // --- Security Check &amp; Data Loading ---
// Ensure user is logged in and has the correct role // Ensure user is logged in and has access to the dashboard
if ( ! is_user_logged_in() || ! current_user_can( 'view_hvac_dashboard' ) ) { if ( ! is_user_logged_in() ) {
// Redirect to login page or show an error message // Redirect to login page if not logged in
wp_safe_redirect( home_url( '/community-login/' ) ); // Redirect to the custom login page wp_safe_redirect( home_url( '/community-login/' ) );
exit;
}
// Check if user has permission to view dashboard
// Allow administrators and users with view_hvac_dashboard capability
if ( ! current_user_can( 'view_hvac_dashboard' ) && ! current_user_can( 'manage_options' ) ) {
// Show access denied message instead of redirect to prevent loops
get_header();
?>
<style>
.hvac-access-denied {
max-width: 600px;
margin: 60px auto;
padding: 40px;
text-align: center;
background: #fff;
border-radius: 8px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
}
.hvac-access-denied h1 {
color: #d63638;
margin-bottom: 20px;
}
.hvac-access-denied p {
margin-bottom: 15px;
color: #666;
line-height: 1.6;
}
.hvac-access-denied .button {
background: #0073aa;
color: white;
padding: 12px 24px;
text-decoration: none;
border-radius: 4px;
display: inline-block;
margin-top: 20px;
}
.hvac-access-denied .button:hover {
background: #005a87;
color: white;
}
</style>
<div class="content-area primary ast-container">
<main class="site-main">
<div class="hvac-access-denied">
<h1><?php _e('Access Denied', 'hvac-community-events'); ?></h1>
<p><?php _e('Sorry, you do not have permission to access the HVAC Trainer Dashboard.', 'hvac-community-events'); ?></p>
<p><?php _e('If you are an HVAC trainer, please contact an administrator to get the proper role assigned.', 'hvac-community-events'); ?></p>
<a href="<?php echo esc_url( home_url() ); ?>" class="button"><?php _e('Return to Home', 'hvac-community-events'); ?></a>
</div>
</main>
</div>
<?php
get_footer();
exit; exit;
} }