SecurityHandler
in package
Tags
Table of Contents
- CAPABILITY_ASSIGN_EMPLOYEE_TO_SCHEDULE = 'mpa_assign_employee_to_schedule'
- CAPABILITY_ASSIGN_USER_TO_EMPLOYEE = 'mpa_assign_user_to_employee'
- CAPABILITY_VIEW_EXTENSIONS = 'mpa_view_extensions'
- CURRENT_SECURITY_VERSION = '1.4.1'
- MPA_EMPLOYEE_META_KEY_WORDPRESS_USER = '_mpa_employee_wordpress_user'
- OPTION_NAME_SECURITY_VERSION = 'mpa_security_version'
- ROLE_APPOINTMENT_CUSTOMER = 'mpa_appointment_customer'
- ROLE_APPOINTMENT_EMPLOYEE = 'mpa_appointment_employee'
- ROLE_APPOINTMENT_MANAGER = 'mpa_appointment_manager'
- __construct() : mixed
- applyCapabilities() : mixed
- applyEmployeeCapabilities() : mixed
- Overrides user capabilities for Employee and Schedule post types if requested user is Employee.
- excludePermissionDeniedBooking() : array<string|int, string>
- If current user does not have permission to read not owned booking post type, exclude them from the query.
- excludePermissionDeniedEmployee() : void
- If current user does not have permission to read not owned employee post type, exclude them from the query.
- excludePermissionDeniedPayment() : array<string|int, string>
- If current user does not have permission to read not owned payment post type, exclude them from the query.
- excludePermissionDeniedReservation() : array<string|int, string>
- If current user does not have permission to read not owned reservation post type, exclude them from the query.
- excludePermissionDeniedSchedule() : void
- If current user does not have permission to read not owned schedule post type, exclude them from the query.
- isUserCanAssignEmployeeToSchedule() : bool
- isUserCanAssignUserToEmployee() : bool
- registeringAppointmentRolesAndCapabilities() : mixed
- removeAppointmentRolesAndCapabilities() : mixed
- updatePostCountForExcludedByPermissionDeniedPosts() : mixed
- Corrects post counts query for Booking, Payment, Employee or Schedule list if this list query was filtered because of current user is employee and has no right to see full list of these post types.
- addRolesAndCapabilities() : mixed
- getPostTypeCapabilities() : array<string|int, mixed>
- hasEditOthersCapabilities() : mixed
- isAlreadyRegisteredRolesAndCapabilities() : mixed
Constants
CAPABILITY_ASSIGN_EMPLOYEE_TO_SCHEDULE
public
mixed
CAPABILITY_ASSIGN_EMPLOYEE_TO_SCHEDULE
= 'mpa_assign_employee_to_schedule'
CAPABILITY_ASSIGN_USER_TO_EMPLOYEE
public
mixed
CAPABILITY_ASSIGN_USER_TO_EMPLOYEE
= 'mpa_assign_user_to_employee'
CAPABILITY_VIEW_EXTENSIONS
public
mixed
CAPABILITY_VIEW_EXTENSIONS
= 'mpa_view_extensions'
CURRENT_SECURITY_VERSION
public
mixed
CURRENT_SECURITY_VERSION
= '1.4.1'
MPA_EMPLOYEE_META_KEY_WORDPRESS_USER
public
mixed
MPA_EMPLOYEE_META_KEY_WORDPRESS_USER
= '_mpa_employee_wordpress_user'
OPTION_NAME_SECURITY_VERSION
public
mixed
OPTION_NAME_SECURITY_VERSION
= 'mpa_security_version'
ROLE_APPOINTMENT_CUSTOMER
public
mixed
ROLE_APPOINTMENT_CUSTOMER
= 'mpa_appointment_customer'
ROLE_APPOINTMENT_EMPLOYEE
public
mixed
ROLE_APPOINTMENT_EMPLOYEE
= 'mpa_appointment_employee'
ROLE_APPOINTMENT_MANAGER
public
mixed
ROLE_APPOINTMENT_MANAGER
= 'mpa_appointment_manager'
Methods
__construct()
public
__construct() : mixed
Return values
mixed —applyCapabilities()
public
applyCapabilities() : mixed
Return values
mixed —applyEmployeeCapabilities()
Overrides user capabilities for Employee and Schedule post types if requested user is Employee.
public
applyEmployeeCapabilities(mixed $allUserCaps, mixed $requiredCaps, mixed $args, mixed $wpUser) : mixed
Parameters
- $allUserCaps : mixed
- $requiredCaps : mixed
- $args : mixed
- $wpUser : mixed
Return values
mixed —excludePermissionDeniedBooking()
If current user does not have permission to read not owned booking post type, exclude them from the query.
public
excludePermissionDeniedBooking( $clauses, $query) : array<string|int, string>
Parameters
Return values
array<string|int, string> —excludePermissionDeniedEmployee()
If current user does not have permission to read not owned employee post type, exclude them from the query.
public
excludePermissionDeniedEmployee( $query) : void
Parameters
Return values
void —excludePermissionDeniedPayment()
If current user does not have permission to read not owned payment post type, exclude them from the query.
public
excludePermissionDeniedPayment( $clauses, $query) : array<string|int, string>
Parameters
Return values
array<string|int, string> —excludePermissionDeniedReservation()
If current user does not have permission to read not owned reservation post type, exclude them from the query.
public
excludePermissionDeniedReservation( $clauses, $query) : array<string|int, string>
Parameters
Return values
array<string|int, string> —excludePermissionDeniedSchedule()
If current user does not have permission to read not owned schedule post type, exclude them from the query.
public
excludePermissionDeniedSchedule( $query) : void
Parameters
Return values
void —isUserCanAssignEmployeeToSchedule()
public
static isUserCanAssignEmployeeToSchedule(int $userId) : bool
Parameters
- $userId : int
Return values
bool —isUserCanAssignUserToEmployee()
public
static isUserCanAssignUserToEmployee(int $userId) : bool
Parameters
- $userId : int
Return values
bool —registeringAppointmentRolesAndCapabilities()
public
registeringAppointmentRolesAndCapabilities() : mixed
Return values
mixed —removeAppointmentRolesAndCapabilities()
public
static removeAppointmentRolesAndCapabilities() : mixed
Return values
mixed —updatePostCountForExcludedByPermissionDeniedPosts()
Corrects post counts query for Booking, Payment, Employee or Schedule list if this list query was filtered because of current user is employee and has no right to see full list of these post types.
public
updatePostCountForExcludedByPermissionDeniedPosts(mixed $counts, mixed $type, mixed $perm) : mixed
Parameters
- $counts : mixed
- $type : mixed
- $perm : mixed
Return values
mixed —addRolesAndCapabilities()
private
addRolesAndCapabilities() : mixed
Return values
mixed —getPostTypeCapabilities()
private
getPostTypeCapabilities(string $singularPostTypeName) : array<string|int, mixed>
Parameters
- $singularPostTypeName : string
Return values
array<string|int, mixed> —hasEditOthersCapabilities()
private
hasEditOthersCapabilities(mixed $type) : mixed
Parameters
- $type : mixed
Return values
mixed —isAlreadyRegisteredRolesAndCapabilities()
private
isAlreadyRegisteredRolesAndCapabilities() : mixed