vmiller/Digital-Dabei-Hamburg-Job-Manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9142b56a9f5d84d624609fd72998f209dfbf5f43
Digital-Dabei-Hamburg-Job-M…/includes/class-access-control.php
Viktor Miller 2e8bef56b8 feat(05-04): protect single job posts from public access 
Add protect_single_job() method to access control class following the
same pattern as job archive protection. Non-logged-in users are
redirected to /anbieter-login/ when attempting to access individual
job_offer posts. Logged-in users (any role) can view job details.

Completes backend infrastructure for Phase 5 mentor job board. All ACF
fields and application form ready for Elementor template integration.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-14 20:51:11 +09:00

162 lines
4.2 KiB
PHP
Raw Blame History

<?php
/**
* Access Control class
*
* Handles access restrictions and redirects for provider role
*
* @package DDHH_Job_Manager
*/
// Exit if accessed directly.
defined( 'ABSPATH' ) || exit;
/**
* Access Control class
*/
class DDHH_JM_Access_Control {
/**
* Initialize hooks
*/
public static function setup_hooks() {
// Redirect providers away from WP-Admin
add_action( 'admin_init', array( __CLASS__, 'redirect_providers_from_admin' ) );
// Protect dashboard page (logged-in providers only)
add_action( 'template_redirect', array( __CLASS__, 'protect_dashboard' ) );
// Protect job archive (logged-in users only)
add_action( 'template_redirect', array( __CLASS__, 'protect_job_archive' ) );
// Protect single job posts (logged-in users only)
add_action( 'template_redirect', array( __CLASS__, 'protect_single_job' ) );
}
/**
* Redirect providers away from WP-Admin (except profile and AJAX)
*/
public static function redirect_providers_from_admin() {
// Get current user
$user = wp_get_current_user();
// Check if user has ddhh_provider role
if ( ! in_array( 'ddhh_provider', (array) $user->roles, true ) ) {
return; // Not a provider, allow access
}
// Allow access to profile.php (providers can edit their profile)
// phpcs:ignore WordPress.Security.NonceVerification.Recommended
if ( isset( $_SERVER['SCRIPT_NAME'] ) && strpos( $_SERVER['SCRIPT_NAME'], 'profile.php' ) !== false ) {
return;
}
// Allow access to admin-ajax.php (needed for AJAX requests)
// phpcs:ignore WordPress.Security.NonceVerification.Recommended
if ( isset( $_SERVER['SCRIPT_NAME'] ) && strpos( $_SERVER['SCRIPT_NAME'], 'admin-ajax.php' ) !== false ) {
return;
}
// Get dashboard page URL
$dashboard_page_id = get_option( 'ddhh_jm_dashboard_page_id' );
if ( ! $dashboard_page_id ) {
return; // Dashboard page not created yet
}
$dashboard_url = get_permalink( $dashboard_page_id );
if ( ! $dashboard_url ) {
return; // Could not get dashboard URL
}
// Redirect to dashboard
wp_redirect( $dashboard_url );
exit;
}
/**
* Protect dashboard page (logged-in providers only)
*/
public static function protect_dashboard() {
// Get dashboard page ID
$dashboard_page_id = get_option( 'ddhh_jm_dashboard_page_id' );
if ( ! $dashboard_page_id ) {
return; // Dashboard page not created yet
}
// Check if current page is dashboard page
if ( ! is_page( $dashboard_page_id ) ) {
return; // Not dashboard page
}
// Check if user is logged in
if ( ! is_user_logged_in() ) {
// Get login page URL
$login_page_id = get_option( 'ddhh_jm_login_page_id' );
if ( $login_page_id ) {
$login_url = get_permalink( $login_page_id );
if ( $login_url ) {
wp_redirect( $login_url );
exit;
}
}
// Fallback to WordPress login
wp_redirect( wp_login_url( get_permalink( $dashboard_page_id ) ) );
exit;
}
// Check if user has ddhh_provider role
$user = wp_get_current_user();
if ( ! in_array( 'ddhh_provider', (array) $user->roles, true ) ) {
// User is logged in but not a provider
$login_page_id = get_option( 'ddhh_jm_login_page_id' );
if ( $login_page_id ) {
$login_url = get_permalink( $login_page_id );
if ( $login_url ) {
wp_redirect( $login_url );
exit;
}
}
// Fallback to WordPress login
wp_redirect( wp_login_url( get_permalink( $dashboard_page_id ) ) );
exit;
}
}
/**
* Protect job archive (logged-in users only)
*/
public static function protect_job_archive() {
// Check if current page is job_offer archive
if ( ! is_post_type_archive( 'job_offer' ) ) {
return; // Not job archive
}
// Check if user is logged in
if ( ! is_user_logged_in() ) {
// Redirect to provider login page
$login_url = home_url( '/anbieter-login/' );
wp_safe_redirect( $login_url );
exit;
}
}
/**
* Protect single job posts (logged-in users only)
*/
public static function protect_single_job() {
// Check if current page is single job_offer post
if ( ! is_singular( 'job_offer' ) ) {
return; // Not single job post
}
// Check if user is logged in
if ( ! is_user_logged_in() ) {
// Redirect to provider login page
$login_url = home_url( '/anbieter-login/' );
wp_safe_redirect( $login_url );
exit;
}
}
}
Reference in New Issue View Git Blame Copy Permalink