---
phase: 05-mentor-job-board
plan: 04
type: execute
depends_on: []
files_modified: [includes/class-access-control.php]
---
Protect single job posts from public access and enable Elementor template creation for job detail pages.
Purpose: Ensure individual job posts require login (consistent with archive protection) and provide infrastructure for Elementor Pro theme builder to create job detail templates.
Output: Protected single job posts with access control, Elementor template guidance for user creation.
~/.claude/get-shit-done/workflows/execute-plan.md
./summary.md
~/.claude/get-shit-done/references/checkpoints.md
@.planning/PROJECT.md
@.planning/ROADMAP.md
@.planning/STATE.md
# Prior work this plan builds on:
@.planning/phases/01-foundation-setup/01-02-SUMMARY.md
@.planning/phases/01-foundation-setup/01-03-SUMMARY.md
@.planning/phases/05-mentor-job-board/05-01-SUMMARY.md
@.planning/phases/05-mentor-job-board/05-02-SUMMARY.md
@.planning/phases/05-mentor-job-board/05-03-SUMMARY.md
# Source files:
@includes/class-access-control.php
**Tech stack available:** template_redirect hook, is_singular(), is_user_logged_in(), Elementor Pro Theme Builder
**Established patterns:**
- Access control via template_redirect hook (Phase 02-04, 05-01)
- Redirect to /anbieter-login/ for non-logged-in users (Phase 05-01)
- ACF fields available for Elementor integration (Phase 01-03)
- Logo with 200x200px auto-crop (Phase 05-03)
- Application form available for popup/modal (Phase 05-02)
**Constraining decisions:**
- Phase 05-01: Archive protection redirects to /anbieter-login/ using home_url() for consistency
- Phase 05-01: Access control uses template_redirect hook at priority 10
- PROJECT.md: All job content requires login (line 37: "Public job listings — all content requires login")
- PROJECT.md: Job detail page with apply button → popup form → email to provider
- Phase 01-03: All job fields available as ACF fields (title, description, location, type, contact_email, logo)
- Phase 05-02: Application form created with key 'job_application', ready for Elementor integration
Task 1: Add single job post access control
includes/class-access-control.php
Add method protect_single_job() following the exact pattern from protect_job_archive(). Method should: (1) Hook to template_redirect at priority 10, (2) Check if current page is single job_offer post using is_singular('job_offer'), (3) If not logged in, redirect to home_url('/anbieter-login/') using wp_safe_redirect and exit, (4) If logged in, allow access (no role check - any logged-in user can view jobs, including mentors/subscribers and providers). Register hook in existing setup_hooks() method by adding add_action('template_redirect', array(__CLASS__, 'protect_single_job')). This ensures consistency with archive protection and matches PROJECT.md requirement that all job content requires login.
Check class-access-control.php contains protect_single_job() method. Verify method uses is_singular('job_offer') check. Confirm redirect uses home_url('/anbieter-login/') matching archive pattern. Verify hook registered in setup_hooks().
Single job post protection method exists, follows archive protection pattern, redirects non-logged-in users to /anbieter-login/, hook registered in setup_hooks()
Backend infrastructure complete - single job posts now protected from public access, all ACF fields and forms available for Elementor integration
**Backend verification (automated):**
1. While logged out, try to access a single job post URL (e.g., /jobangebote/test-job/)
2. Confirm redirect to /anbieter-login/ page
3. Log in as mentor/subscriber
4. Confirm job post loads successfully
**Elementor template creation (manual - UI work):**
The Elementor template is created through WordPress admin UI, not via code. Here's what's available:
**Available ACF Fields for Elementor:**
- job_title (post title - use Post Title widget)
- job_description (post content - use Post Content widget)
- job_location (ACF field)
- job_type (ACF field)
- job_contact_email (ACF field)
- job_logo (ACF image field, returns ID, has 'job-logo' size at 200x200px)
**Application Form Integration:**
- Form key: 'job_application'
- Can be embedded via Elementor Shortcode widget: [formidable id="job_application"]
- Or use popup/modal trigger with Elementor Pro
- Form automatically includes hidden job_id field and sends email to job_contact_email
**Template Creation Steps:**
1. WordPress Admin → Templates → Theme Builder → Single
2. Create new single template with condition: Single | Post Type | job_offer
3. Add Elementor widgets:
- Post Title for job title
- Post Content for job description
- ACF widgets for location, type, contact email
- Image widget for logo (select ACF field job_logo, size: job-logo)
- Button/Popup for application form
4. Preview with any published job post
5. Publish template
**What to verify:**
- All job fields display correctly
- Logo displays at 200x200px (cropped)
- Apply button triggers form (popup or inline)
- Form submission sends email to job provider
- Only logged-in users can access page
Type "approved" when backend verified and Elementor template guidance noted, or describe any issues
Before declaring plan complete:
- [ ] Single job post protection method exists in class-access-control.php
- [ ] Non-logged-in users redirected to /anbieter-login/ when accessing single job posts
- [ ] Logged-in users can access single job posts
- [ ] Redirect pattern matches archive protection (home_url, wp_safe_redirect)
- [ ] Hook registered in setup_hooks() method
- Single job post access control implemented following archive protection pattern
- Non-logged-in users cannot access individual job posts
- Logged-in users (mentors, providers) can access job posts
- Redirect to /anbieter-login/ consistent with archive protection
- Elementor template guidance provided for manual UI work
- Phase 5 complete - mentor job board fully functional (backend infrastructure)