feat(05-01): add job archive access control

Protect job archive from public access by redirecting non-logged-in users to /anbieter-login/. Only authenticated users (mentors/subscribers) can browse the /jobangebote/ archive. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-14 20:29:18 +09:00
parent ac60de5d99
commit e21de5a9e9
1 changed files with 21 additions and 0 deletions
--- a/includes/class-access-control.php
+++ b/includes/class-access-control.php
@@ -24,6 +24,9 @@ class DDHH_JM_Access_Control {

 		// Protect dashboard page (logged-in providers only)
 		add_action( 'template_redirect', array( __CLASS__, 'protect_dashboard' ) );
+
+		// Protect job archive (logged-in users only)
+		add_action( 'template_redirect', array( __CLASS__, 'protect_job_archive' ) );
 	}

 	/**
@@ -116,4 +119,22 @@ class DDHH_JM_Access_Control {
 			exit;
 		}
 	}
+
+	/**
+	 * Protect job archive (logged-in users only)
+	 */
+	public static function protect_job_archive() {
+		// Check if current page is job_offer archive
+		if ( ! is_post_type_archive( 'job_offer' ) ) {
+			return; // Not job archive
+		}
+
+		// Check if user is logged in
+		if ( ! is_user_logged_in() ) {
+			// Redirect to provider login page
+			$login_url = home_url( '/anbieter-login/' );
+			wp_safe_redirect( $login_url );
+			exit;
+		}
+	}
 }