105 lines
3.6 KiB
PHP
105 lines
3.6 KiB
PHP
<?php // phpcs:ignore SlevomatCodingStandard.TypeHints.DeclareStrictTypes.DeclareStrictTypesMissing
|
|
|
|
namespace MailPoet\Config;
|
|
|
|
if (!defined('ABSPATH')) exit;
|
|
|
|
|
|
use MailPoet\Automation\Engine\Engine;
|
|
use MailPoet\WP\Functions as WPFunctions;
|
|
|
|
class AccessControl {
|
|
const PERMISSION_ACCESS_PLUGIN_ADMIN = 'mailpoet_access_plugin_admin';
|
|
const PERMISSION_MANAGE_SETTINGS = 'mailpoet_manage_settings';
|
|
const PERMISSION_MANAGE_FEATURES = 'mailpoet_manage_features';
|
|
const PERMISSION_MANAGE_EMAILS = 'mailpoet_manage_emails';
|
|
const PERMISSION_MANAGE_SUBSCRIBERS = 'mailpoet_manage_subscribers';
|
|
const PERMISSION_MANAGE_FORMS = 'mailpoet_manage_forms';
|
|
const PERMISSION_MANAGE_SEGMENTS = 'mailpoet_manage_segments';
|
|
const PERMISSION_MANAGE_AUTOMATIONS = Engine::CAPABILITY_MANAGE_AUTOMATIONS;
|
|
const NO_ACCESS_RESTRICTION = 'mailpoet_no_access_restriction';
|
|
const ALL_ROLES_ACCESS = 'mailpoet_all_roles_access';
|
|
|
|
public function getDefaultPermissions() {
|
|
return [
|
|
self::PERMISSION_ACCESS_PLUGIN_ADMIN => WPFunctions::get()->applyFilters(
|
|
'mailpoet_permission_access_plugin_admin',
|
|
[
|
|
'administrator',
|
|
'editor',
|
|
]
|
|
),
|
|
self::PERMISSION_MANAGE_SETTINGS => WPFunctions::get()->applyFilters(
|
|
'mailpoet_permission_manage_settings',
|
|
[
|
|
'administrator',
|
|
]
|
|
),
|
|
self::PERMISSION_MANAGE_FEATURES => WPFunctions::get()->applyFilters(
|
|
'mailpoet_permission_manage_features',
|
|
[
|
|
'administrator',
|
|
]
|
|
),
|
|
self::PERMISSION_MANAGE_EMAILS => WPFunctions::get()->applyFilters(
|
|
'mailpoet_permission_manage_emails',
|
|
[
|
|
'administrator',
|
|
'editor',
|
|
]
|
|
),
|
|
self::PERMISSION_MANAGE_SUBSCRIBERS => WPFunctions::get()->applyFilters(
|
|
'mailpoet_permission_manage_subscribers',
|
|
[
|
|
'administrator',
|
|
]
|
|
),
|
|
self::PERMISSION_MANAGE_FORMS => WPFunctions::get()->applyFilters(
|
|
'mailpoet_permission_manage_forms',
|
|
[
|
|
'administrator',
|
|
]
|
|
),
|
|
self::PERMISSION_MANAGE_SEGMENTS => WPFunctions::get()->applyFilters(
|
|
'mailpoet_permission_manage_segments',
|
|
[
|
|
'administrator',
|
|
]
|
|
),
|
|
self::PERMISSION_MANAGE_AUTOMATIONS => WPFunctions::get()->applyFilters(
|
|
'mailpoet_permission_manage_automations',
|
|
[
|
|
'administrator',
|
|
'editor',
|
|
]
|
|
),
|
|
];
|
|
}
|
|
|
|
public function getPermissionLabels() {
|
|
return [
|
|
self::PERMISSION_ACCESS_PLUGIN_ADMIN => __('Admin menu item', 'mailpoet'),
|
|
self::PERMISSION_MANAGE_SETTINGS => __('Manage settings', 'mailpoet'),
|
|
self::PERMISSION_MANAGE_FEATURES => __('Manage features', 'mailpoet'),
|
|
self::PERMISSION_MANAGE_EMAILS => __('Manage emails', 'mailpoet'),
|
|
self::PERMISSION_MANAGE_SUBSCRIBERS => __('Manage subscribers', 'mailpoet'),
|
|
self::PERMISSION_MANAGE_FORMS => __('Manage forms', 'mailpoet'),
|
|
self::PERMISSION_MANAGE_SEGMENTS => __('Manage segments', 'mailpoet'),
|
|
self::PERMISSION_MANAGE_AUTOMATIONS => __('Manage automations', 'mailpoet'),
|
|
];
|
|
}
|
|
|
|
public function validatePermission($permission) {
|
|
if ($permission === self::NO_ACCESS_RESTRICTION) return true;
|
|
if ($permission === self::ALL_ROLES_ACCESS) {
|
|
$capabilities = array_keys($this->getDefaultPermissions());
|
|
foreach ($capabilities as $capability) {
|
|
if (WPFunctions::get()->currentUserCan($capability)) {
|
|
return true;
|
|
}
|
|
}
|
|
return false;
|
|
}
|
|
return WPFunctions::get()->currentUserCan($permission);
|
|
}
|
|
}
|