upskill-event-manager/templates/page-hvac-form.php
ben 46266aa894 feat: expand access permissions for master trainers and administrators
- Update HVAC_Access_Control to allow master trainers access to all trainer pages
- Add administrator permission checks to template security validations
- Enable administrators and master trainers to access event creation and management
- Update AJAX handlers to include administrator permission validation
- Fix syntax error in page-manage-event.php template redirect

This ensures proper role hierarchy where administrators have full access,
master trainers can access both trainer and master sections, and regular
trainers maintain existing trainer-only access.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-25 10:16:09 -03:00

146 lines
No EOL
4.3 KiB
PHP

<?php
/**
* HVAC Form Template
*
* Template for complex forms (registration, event creation/editing)
*
* @package HVAC_Community_Events
* @since 2.0.0
*/
// Define constant to indicate we are in a page template
define('HVAC_IN_PAGE_TEMPLATE', true);
// Security check
if (!defined('ABSPATH')) {
exit;
}
get_header();
// Determine form type from page slug
$page_slug = get_post_field('post_name', get_queried_object_id());
$form_type = 'default';
if (strpos($page_slug, 'registration') !== false) {
$form_type = 'registration';
$show_navigation = false; // No navigation for public registration
} elseif (strpos($page_slug, 'event/create') !== false) {
$form_type = 'event_create';
$show_navigation = true;
} elseif (strpos($page_slug, 'event/edit') !== false) {
$form_type = 'event_edit';
$show_navigation = true;
} else {
$show_navigation = true;
}
// Security check for protected forms
if ($show_navigation && !is_user_logged_in()) {
wp_safe_redirect(home_url('/community-login/'));
exit;
}
if ($show_navigation) {
$user = wp_get_current_user();
if (!array_intersect(['hvac_trainer', 'hvac_master_trainer'], $user->roles) && !current_user_can('manage_options')) {
wp_die(__('Access denied. Trainer role required.', 'hvac-community-events'));
}
}
?>
<div class="hvac-page-wrapper hvac-form-page hvac-form-<?php echo esc_attr($form_type); ?>">
<?php if ($show_navigation): ?>
<?php
// Load page header (navigation, breadcrumbs)
get_template_part('templates/parts/hvac-page-header', null, [
'show_navigation' => true,
'show_breadcrumbs' => true,
'page_config' => [
'menu_type' => isset($user) && in_array('hvac_master_trainer', $user->roles) ? 'master_trainer' : 'trainer'
]
]);
?>
<?php endif; ?>
<div class="container">
<?php
// Load status messages
get_template_part('templates/parts/hvac-status-messages');
// Load form content based on type
switch ($form_type) {
case 'registration':
echo do_shortcode('[hvac_trainer_registration]');
break;
case 'event_create':
echo do_shortcode('[hvac_create_event]');
break;
case 'event_edit':
// Get event ID from URL
$event_id = isset($_GET['event_id']) ? intval($_GET['event_id']) : 0;
if ($event_id > 0) {
echo '<div class="hvac-form-notice">';
echo '<p>Editing Event ID: ' . esc_html($event_id) . '</p>';
echo '</div>';
// Check if TEC Community Events is active
if (function_exists('tribe_community_events_init')) {
echo do_shortcode('[tribe_community_events view="edit_event" id="' . $event_id . '"]');
} else {
echo '<div class="hvac-error-notice"><p>The Events Calendar Community Events plugin is required but not active.</p></div>';
}
} else {
echo '<div class="hvac-error-notice"><p>No event specified. Please select an event to edit.</p></div>';
echo '<p><a href="' . esc_url(home_url('/trainer/event/manage/')) . '" class="button">Back to Event Management</a></p>';
}
break;
default:
echo '<div class="hvac-form-placeholder">';
echo '<h1>Form Page</h1>';
echo '<p>This is a form page.</p>';
echo '</div>';
break;
}
?>
</div>
</div>
<style>
.hvac-form-page .container {
max-width: 1200px;
margin: 0 auto;
padding: 20px;
}
.hvac-form-notice {
background: #f0f7ff;
border: 1px solid #0073aa;
border-radius: 4px;
padding: 12px;
margin-bottom: 20px;
}
.hvac-form-notice p {
margin: 0;
color: #0073aa;
}
.hvac-error-notice {
background: #fff5f5;
border: 1px solid #dc3232;
border-radius: 4px;
padding: 12px;
margin-bottom: 20px;
}
.hvac-error-notice p {
margin: 0;
color: #dc3232;
}
</style>
<?php get_footer(); ?>