ben/upskill-event-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
upskill-event-manager/wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/includes/class-hvac-roles.php
bengizmo a014a9d7f7 fix: Resolve redirect loop when WordPress admin accesses HVAC dashboard 
- Updated dashboard template to show access denied message instead of redirect for non-authorized users
- Enhanced login handler to redirect admins to WP admin instead of causing loops
- Added view_hvac_dashboard capability to administrator role during plugin activation
- Improved access control logic to allow administrators to view dashboard
- Added proper cleanup of admin capabilities on plugin deactivation
- Prevents ERR_TOO_MANY_REDIRECTS when WordPress admin users try to access trainer dashboard

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-05-22 15:59:33 -03:00

120 lines
No EOL
3.3 KiB
PHP
Raw Blame History

<?php
/**
* Handles custom roles and capabilities for the HVAC Community Events plugin
*/
if (!defined('ABSPATH')) {
exit;
}
class HVAC_Roles {
/**
* Create the hvac_trainer role with all required capabilities
*/
public function create_trainer_role() {
// Check if role already exists
if (get_role('hvac_trainer')) {
return true;
}
// Add the role with capabilities
$result = add_role(
'hvac_trainer',
__('HVAC Trainer', 'hvac-community-events'),
$this->get_trainer_capabilities()
);
return $result !== null;
}
/**
* Remove the hvac_trainer role
*/
public function remove_trainer_role() {
remove_role('hvac_trainer');
}
/**
* Get all capabilities for the trainer role
*/
public function get_trainer_capabilities() {
$caps = array(
// Basic WordPress capabilities
'read' => true,
'upload_files' => true,
// Custom HVAC capabilities
'manage_hvac_events' => true,
'edit_hvac_profile' => true,
'view_hvac_dashboard' => true,
'manage_attendees' => true,
'email_attendees' => true,
// The Events Calendar capabilities
'publish_tribe_events' => true,
'edit_tribe_events' => true,
'delete_tribe_events' => true,
'edit_published_tribe_events' => true,
'delete_published_tribe_events' => true,
'read_private_tribe_events' => true,
);
// Explicitly deny admin capabilities
$denied_caps = array(
'manage_options',
'moderate_comments',
'manage_categories',
'manage_links',
'edit_others_posts',
'edit_pages',
'edit_others_pages',
'edit_published_pages',
'publish_pages',
'delete_pages',
'delete_others_pages',
'delete_published_pages',
'delete_others_posts',
'import',
'export',
'edit_theme_options',
);
foreach ($denied_caps as $cap) {
$caps[$cap] = false;
}
return $caps;
}
/**
* Grant administrators access to HVAC dashboard capabilities
* This prevents redirect loops when admins try to access the dashboard
*/
public function grant_admin_dashboard_access() {
$admin_role = get_role('administrator');
if ($admin_role) {
$admin_role->add_cap('view_hvac_dashboard');
$admin_role->add_cap('manage_hvac_events');
return true;
}
return false;
}
/**
* Remove HVAC dashboard capabilities from administrators
*/
public function revoke_admin_dashboard_access() {
$admin_role = get_role('administrator');
if ($admin_role) {
$admin_role->remove_cap('view_hvac_dashboard');
$admin_role->remove_cap('manage_hvac_events');
}
}
/**
* Check if current user has a specific HVAC trainer capability
*/
public static function check_trainer_capability($capability) {
return current_user_can($capability);
}
}
Reference in a new issue View git blame Copy permalink