Add permissions to manage automations

[MAILPOET-4287]
2022-05-18 14:51:31 +02:00
parent 73776206cc
commit d9c47a40f2
4 changed files with 20 additions and 2 deletions
--- a/mailpoet/lib/Automation/Engine/API/Endpoint.php
+++ b/mailpoet/lib/Automation/Engine/API/Endpoint.php
@ -2,6 +2,7 @@

 namespace MailPoet\Automation\Engine\API;

+use MailPoet\Config\AccessControl;
 use MailPoet\Validator\Schema;

 use function current_user_can;
@ -10,7 +11,7 @@ abstract class Endpoint {
  abstract public function handle(Request $request): Response;

  public function checkPermissions(): bool {
-    return current_user_can('administrator');
+    return current_user_can(AccessControl::PERMISSION_MANAGE_AUTOMATIONS);
  }

  /** @return array<string, Schema> */
--- a/mailpoet/lib/Config/AccessControl.php
+++ b/mailpoet/lib/Config/AccessControl.php
@ -12,6 +12,7 @@ class AccessControl {
  const PERMISSION_MANAGE_SUBSCRIBERS = 'mailpoet_manage_subscribers';
  const PERMISSION_MANAGE_FORMS = 'mailpoet_manage_forms';
  const PERMISSION_MANAGE_SEGMENTS = 'mailpoet_manage_segments';
+  const PERMISSION_MANAGE_AUTOMATIONS = 'mailpoet_manage_automations';
  const NO_ACCESS_RESTRICTION = 'mailpoet_no_access_restriction';
  const ALL_ROLES_ACCESS = 'mailpoet_all_roles_access';

@ -61,6 +62,12 @@ class AccessControl {
          'administrator',
        ]
      ),
+      self::PERMISSION_MANAGE_AUTOMATIONS => WPFunctions::get()->applyFilters(
+        'mailpoet_permission_manage_automations',
+        [
+          'administrator',
+        ]
+      ),
    ];
  }

@ -73,6 +80,7 @@ class AccessControl {
      self::PERMISSION_MANAGE_SUBSCRIBERS => WPFunctions::get()->__('Manage subscribers', 'mailpoet'),
      self::PERMISSION_MANAGE_FORMS => WPFunctions::get()->__('Manage forms', 'mailpoet'),
      self::PERMISSION_MANAGE_SEGMENTS => WPFunctions::get()->__('Manage segments', 'mailpoet'),
+      self::PERMISSION_MANAGE_AUTOMATIONS => WPFunctions::get()->__('Manage automations', 'mailpoet'),
    ];
  }

--- a/mailpoet/lib/Config/Menu.php
+++ b/mailpoet/lib/Config/Menu.php
@ -419,7 +419,7 @@ class Menu {
        true,
        $this->setPageTitle('Automation Editor'),
        'Automation Editor',
-        AccessControl::PERMISSION_MANAGE_EMAILS,
+        AccessControl::PERMISSION_MANAGE_AUTOMATIONS,
        'mailpoet-automation-editor',
        [$this, 'automationEditor']
      );
--- a/mailpoet/tests/integration/Config/AccessControlTest.php
+++ b/mailpoet/tests/integration/Config/AccessControlTest.php
@ -60,6 +60,12 @@ class AccessControlTest extends \MailPoetTest {
        return ['custom_manage_segments_role'];
      }
    );
+    $wp->addFilter(
+      'mailpoet_permission_manage_automations',
+      function() {
+        return ['custom_manage_automations_role'];
+      }
+    );

    expect($this->accessControl->getDefaultPermissions())->equals(
      [
@ -84,6 +90,9 @@ class AccessControlTest extends \MailPoetTest {
        AccessControl::PERMISSION_MANAGE_SEGMENTS => [
          'custom_manage_segments_role',
        ],
+        AccessControl::PERMISSION_MANAGE_AUTOMATIONS => [
+          'custom_manage_automations_role',
+        ],
      ]
    );
  }