feat(05-04): protect single job posts from public access

Add protect_single_job() method to access control class following the same pattern as job archive protection. Non-logged-in users are redirected to /anbieter-login/ when attempting to access individual job_offer posts. Logged-in users (any role) can view job details. Completes backend infrastructure for Phase 5 mentor job board. All ACF fields and application form ready for Elementor template integration. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-14 20:51:11 +09:00
parent dd83b676b4
commit 2e8bef56b8
1 changed files with 21 additions and 0 deletions
--- a/includes/class-access-control.php
+++ b/includes/class-access-control.php
@@ -27,6 +27,9 @@ class DDHH_JM_Access_Control {

 		// Protect job archive (logged-in users only)
 		add_action( 'template_redirect', array( __CLASS__, 'protect_job_archive' ) );
+
+		// Protect single job posts (logged-in users only)
+		add_action( 'template_redirect', array( __CLASS__, 'protect_single_job' ) );
 	}

 	/**
@@ -137,4 +140,22 @@ class DDHH_JM_Access_Control {
 			exit;
 		}
 	}
+
+	/**
+	 * Protect single job posts (logged-in users only)
+	 */
+	public static function protect_single_job() {
+		// Check if current page is single job_offer post
+		if ( ! is_singular( 'job_offer' ) ) {
+			return; // Not single job post
+		}
+
+		// Check if user is logged in
+		if ( ! is_user_logged_in() ) {
+			// Redirect to provider login page
+			$login_url = home_url( '/anbieter-login/' );
+			wp_safe_redirect( $login_url );
+			exit;
+		}
+	}
 }