Cavemanon/piratepoet
7
Fork 0
Code Pull Requests Actions Releases 16 Activity

Add permissions to manage automations

Browse Source 
[MAILPOET-4287]
This commit is contained in:
Jan Jakes
2022-05-18 14:51:31 +02:00
committed by Veljko V
parent 73776206cc
commit d9c47a40f2
4 changed files with 20 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
mailpoet/lib/Automation/Engine/API/Endpoint.php
View File

@ -2,6 +2,7 @@
namespace MailPoet\Automation\Engine\API; namespace MailPoet\Automation\Engine\API;
use MailPoet\Config\AccessControl;
use MailPoet\Validator\Schema; use MailPoet\Validator\Schema;
use function current_user_can; use function current_user_can;
@ -10,7 +11,7 @@ abstract class Endpoint {
abstract public function handle(Request $request): Response; abstract public function handle(Request $request): Response;
public function checkPermissions(): bool { public function checkPermissions(): bool {
return current_user_can('administrator'); return current_user_can(AccessControl::PERMISSION_MANAGE_AUTOMATIONS);
} }
/** @return array<string, Schema> */ /** @return array<string, Schema> */

8
mailpoet/lib/Config/AccessControl.php
View File

@ -12,6 +12,7 @@ class AccessControl {
const PERMISSION_MANAGE_SUBSCRIBERS = 'mailpoet_manage_subscribers'; const PERMISSION_MANAGE_SUBSCRIBERS = 'mailpoet_manage_subscribers';
const PERMISSION_MANAGE_FORMS = 'mailpoet_manage_forms'; const PERMISSION_MANAGE_FORMS = 'mailpoet_manage_forms';
const PERMISSION_MANAGE_SEGMENTS = 'mailpoet_manage_segments'; const PERMISSION_MANAGE_SEGMENTS = 'mailpoet_manage_segments';
const PERMISSION_MANAGE_AUTOMATIONS = 'mailpoet_manage_automations';
const NO_ACCESS_RESTRICTION = 'mailpoet_no_access_restriction'; const NO_ACCESS_RESTRICTION = 'mailpoet_no_access_restriction';
const ALL_ROLES_ACCESS = 'mailpoet_all_roles_access'; const ALL_ROLES_ACCESS = 'mailpoet_all_roles_access';
@ -61,6 +62,12 @@ class AccessControl {
'administrator', 'administrator',
] ]
), ),
self::PERMISSION_MANAGE_AUTOMATIONS => WPFunctions::get()->applyFilters(
'mailpoet_permission_manage_automations',
[
'administrator',
]
),
]; ];
} }
@ -73,6 +80,7 @@ class AccessControl {
self::PERMISSION_MANAGE_SUBSCRIBERS => WPFunctions::get()->__('Manage subscribers', 'mailpoet'), self::PERMISSION_MANAGE_SUBSCRIBERS => WPFunctions::get()->__('Manage subscribers', 'mailpoet'),
self::PERMISSION_MANAGE_FORMS => WPFunctions::get()->__('Manage forms', 'mailpoet'), self::PERMISSION_MANAGE_FORMS => WPFunctions::get()->__('Manage forms', 'mailpoet'),
self::PERMISSION_MANAGE_SEGMENTS => WPFunctions::get()->__('Manage segments', 'mailpoet'), self::PERMISSION_MANAGE_SEGMENTS => WPFunctions::get()->__('Manage segments', 'mailpoet'),
self::PERMISSION_MANAGE_AUTOMATIONS => WPFunctions::get()->__('Manage automations', 'mailpoet'),
]; ];
} }

2
mailpoet/lib/Config/Menu.php
View File

@ -419,7 +419,7 @@ class Menu {
true, true,
$this->setPageTitle('Automation Editor'), $this->setPageTitle('Automation Editor'),
'Automation Editor', 'Automation Editor',
AccessControl::PERMISSION_MANAGE_EMAILS, AccessControl::PERMISSION_MANAGE_AUTOMATIONS,
'mailpoet-automation-editor', 'mailpoet-automation-editor',
[$this, 'automationEditor'] [$this, 'automationEditor']
); );

9
mailpoet/tests/integration/Config/AccessControlTest.php
View File

@ -60,6 +60,12 @@ class AccessControlTest extends \MailPoetTest {
return ['custom_manage_segments_role']; return ['custom_manage_segments_role'];
} }
); );
$wp->addFilter(
'mailpoet_permission_manage_automations',
function() {
return ['custom_manage_automations_role'];
}
);
expect($this->accessControl->getDefaultPermissions())->equals( expect($this->accessControl->getDefaultPermissions())->equals(
[ [
@ -84,6 +90,9 @@ class AccessControlTest extends \MailPoetTest {
AccessControl::PERMISSION_MANAGE_SEGMENTS => [ AccessControl::PERMISSION_MANAGE_SEGMENTS => [
'custom_manage_segments_role', 'custom_manage_segments_role',
], ],
AccessControl::PERMISSION_MANAGE_AUTOMATIONS => [
'custom_manage_automations_role',
],
] ]
); );
} }