feat(02-04): implement WP-Admin redirect for providers
- Create DDHH_JM_Access_Control class with redirect logic - Redirect providers from WP-Admin to dashboard page - Preserve access to profile.php for password/email changes - Preserve access to admin-ajax.php for AJAX requests - Integrate access control hooks in main plugin class Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
@@ -34,6 +34,7 @@ require_once DDHH_JM_PLUGIN_DIR . 'includes/class-acf-fields.php';
|
|||||||
require_once DDHH_JM_PLUGIN_DIR . 'includes/class-formidable.php';
|
require_once DDHH_JM_PLUGIN_DIR . 'includes/class-formidable.php';
|
||||||
require_once DDHH_JM_PLUGIN_DIR . 'includes/class-pages.php';
|
require_once DDHH_JM_PLUGIN_DIR . 'includes/class-pages.php';
|
||||||
require_once DDHH_JM_PLUGIN_DIR . 'includes/class-dashboard.php';
|
require_once DDHH_JM_PLUGIN_DIR . 'includes/class-dashboard.php';
|
||||||
|
require_once DDHH_JM_PLUGIN_DIR . 'includes/class-access-control.php';
|
||||||
require_once DDHH_JM_PLUGIN_DIR . 'includes/class-ddhh-job-manager.php';
|
require_once DDHH_JM_PLUGIN_DIR . 'includes/class-ddhh-job-manager.php';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
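--- /dev/null
+++ b/includes/class-access-control.php
@@ -0,0 +1,119 @@
+<?php
+/**
+ * Access Control class
+ *
+ * Handles access restrictions and redirects for provider role
+ *
+ * @package DDHH_Job_Manager
+ */
+
+// Exit if accessed directly.
+defined( 'ABSPATH' ) || exit;
+
+/**
+ * Access Control class
+ */
+class DDHH_JM_Access_Control {
+
+	/**
+	 * Initialize hooks
+	 */
+	public static function setup_hooks() {
+		// Redirect providers away from WP-Admin
+		add_action( 'admin_init', array( __CLASS__, 'redirect_providers_from_admin' ) );
+
+		// Protect dashboard page (logged-in providers only)
+		add_action( 'template_redirect', array( __CLASS__, 'protect_dashboard' ) );
+	}
+
+	/**
+	 * Redirect providers away from WP-Admin (except profile and AJAX)
+	 */
+	public static function redirect_providers_from_admin() {
+		// Get current user
+		$user = wp_get_current_user();
+
+		// Check if user has ddhh_provider role
+		if ( ! in_array( 'ddhh_provider', (array) $user->roles, true ) ) {
+			return; // Not a provider, allow access
+		}
+
+		// Allow access to profile.php (providers can edit their profile)
+		// phpcs:ignore WordPress.Security.NonceVerification.Recommended
+		if ( isset( $_SERVER['SCRIPT_NAME'] ) && strpos( $_SERVER['SCRIPT_NAME'], 'profile.php' ) !== false ) {
+			return;
+		}
+
+		// Allow access to admin-ajax.php (needed for AJAX requests)
+		// phpcs:ignore WordPress.Security.NonceVerification.Recommended
+		if ( isset( $_SERVER['SCRIPT_NAME'] ) && strpos( $_SERVER['SCRIPT_NAME'], 'admin-ajax.php' ) !== false ) {
+			return;
+		}
+
+		// Get dashboard page URL
+		$dashboard_page_id = get_option( 'ddhh_jm_dashboard_page_id' );
+		if ( ! $dashboard_page_id ) {
+			return; // Dashboard page not created yet
+		}
+
+		$dashboard_url = get_permalink( $dashboard_page_id );
+		if ( ! $dashboard_url ) {
+			return; // Could not get dashboard URL
+		}
+
+		// Redirect to dashboard
+		wp_redirect( $dashboard_url );
+		exit;
+	}
+
+	/**
+	 * Protect dashboard page (logged-in providers only)
+	 */
+	public static function protect_dashboard() {
+		// Get dashboard page ID
+		$dashboard_page_id = get_option( 'ddhh_jm_dashboard_page_id' );
+		if ( ! $dashboard_page_id ) {
+			return; // Dashboard page not created yet
+		}
+
+		// Check if current page is dashboard page
+		if ( ! is_page( $dashboard_page_id ) ) {
+			return; // Not dashboard page
+		}
+
+		// Check if user is logged in
+		if ( ! is_user_logged_in() ) {
+			// Get login page URL
+			$login_page_id = get_option( 'ddhh_jm_login_page_id' );
+			if ( $login_page_id ) {
+				$login_url = get_permalink( $login_page_id );
+				if ( $login_url ) {
+					wp_redirect( $login_url );
+					exit;
+				}
+			}
+
+			// Fallback to WordPress login
+			wp_redirect( wp_login_url( get_permalink( $dashboard_page_id ) ) );
+			exit;
+		}
+
+		// Check if user has ddhh_provider role
+		$user = wp_get_current_user();
+		if ( ! in_array( 'ddhh_provider', (array) $user->roles, true ) ) {
+			// User is logged in but not a provider
+			$login_page_id = get_option( 'ddhh_jm_login_page_id' );
+			if ( $login_page_id ) {
+				$login_url = get_permalink( $login_page_id );
+				if ( $login_url ) {
+					wp_redirect( $login_url );
+					exit;
+				}
+			}
+
+			// Fallback to WordPress login
+			wp_redirect( wp_login_url( get_permalink( $dashboard_page_id ) ) );
+			exit;
+		}
+	}
+}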
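Review bot: The profile.php and admin-ajax.php exemptions in redirect_providers_from_admin test `$_SERVER['SCRIPT_NAME']` by substring, so any admin script whose path happens to contain one of those names is exempt as well, and on server configurations where SCRIPT_NAME is derived from the request URI rather than the resolved file (this depends on the deployment, not on anything visible here) the match could be broader than intended; WordPress already exposes an exact answer, so the two checks collapse to `if ( 'profile.php' === $GLOBALS['pagenow'] || wp_doing_ajax() ) {` `return;` `}`. Both redirects in this file should be `wp_safe_redirect( $dashboard_url );` (and likewise for `$login_url`) so that a filtered or altered permalink cannot send the user off-site. Note that this hook only steers a browser: it does not narrow what a provider may do through admin-ajax.php, the REST API or a direct POST to an admin endpoint, so the capability set of the ddhh_provider role (defined elsewhere in the plugin) stays the actual authorization boundary — a comment on the class stating that, such as `// UX redirect only; authorization is enforced by the ddhh_provider role's capabilities.`, would keep this file from being read as an access-control layer. A user holding ddhh_provider together with another role (for example an administrator) is also redirected; if that is not intended, an early `if ( current_user_can( 'manage_options' ) ) { return; }` keeps such accounts from being locked out of wp-admin.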
@@ -58,5 +58,8 @@ class DDHH_JM_Job_Manager {
|
|||||||
|
|
||||||
// Initialize dashboard
|
// Initialize dashboard
|
||||||
add_action( 'init', array( 'DDHH_JM_Dashboard', 'init' ) );
|
add_action( 'init', array( 'DDHH_JM_Dashboard', 'init' ) );
|
||||||
|
|
||||||
|
// Initialize access control
|
||||||
|
add_action( 'init', array( 'DDHH_JM_Access_Control', 'setup_hooks' ) );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||