eventespresso /
event-espresso-core
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | protected function _generate_restrictions(): array |
| 20 | 20 | { |
| 21 | 21 | // if there are no standard caps for this model, then for allow full access |
| 22 | - if (! $this->model()->cap_slug()) { |
|
| 22 | + if ( ! $this->model()->cap_slug()) { |
|
| 23 | 23 | return []; |
| 24 | 24 | } |
| 25 | 25 | |
@@ -32,17 +32,17 @@ discard block |
||
| 32 | 32 | ) |
| 33 | 33 | ) { |
| 34 | 34 | if ($this->model() instanceof EEM_CPT_Base) { |
| 35 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 35 | + $restrictions[EE_Restriction_Generator_Base::get_cap_name( |
|
| 36 | 36 | $this->model(), |
| 37 | 37 | $this->action() |
| 38 | - ) ] = new EE_Default_Where_Conditions( |
|
| 38 | + )] = new EE_Default_Where_Conditions( |
|
| 39 | 39 | $this->addPublishedPostConditions() |
| 40 | 40 | ); |
| 41 | 41 | } elseif ($this->model() instanceof EEM_Soft_Delete_Base) { |
| 42 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 42 | + $restrictions[EE_Restriction_Generator_Base::get_cap_name( |
|
| 43 | 43 | $this->model(), |
| 44 | 44 | $this->action() |
| 45 | - ) ] = new EE_Default_Where_Conditions( |
|
| 45 | + )] = new EE_Default_Where_Conditions( |
|
| 46 | 46 | [$this->model()->deleted_field_name() => false] |
| 47 | 47 | ); |
| 48 | 48 | } |
@@ -52,21 +52,21 @@ discard block |
||
| 52 | 52 | if ( |
| 53 | 53 | EE_Restriction_Generator_Base::is_cap( |
| 54 | 54 | $this->model(), |
| 55 | - $this->action() . '_others' |
|
| 55 | + $this->action().'_others' |
|
| 56 | 56 | ) |
| 57 | 57 | ) {// both caps exist |
| 58 | 58 | if ($this->model() instanceof EEM_CPT_Base) { |
| 59 | 59 | // then if they don't have the others cap, |
| 60 | 60 | // AT MOST show them their own and other published ones |
| 61 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 61 | + $restrictions[EE_Restriction_Generator_Base::get_cap_name( |
|
| 62 | 62 | $this->model(), |
| 63 | - $this->action() . '_others' |
|
| 64 | - ) ] = new EE_Default_Where_Conditions( |
|
| 63 | + $this->action().'_others' |
|
| 64 | + )] = new EE_Default_Where_Conditions( |
|
| 65 | 65 | [ |
| 66 | - 'OR*' . |
|
| 66 | + 'OR*'. |
|
| 67 | 67 | EE_Restriction_Generator_Base::get_cap_name( |
| 68 | 68 | $this->model(), |
| 69 | - $this->action() . '_others' |
|
| 69 | + $this->action().'_others' |
|
| 70 | 70 | ) => $this->addPublishedPostConditions( |
| 71 | 71 | [ |
| 72 | 72 | EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
@@ -77,15 +77,15 @@ discard block |
||
| 77 | 77 | } elseif ($this->model() instanceof EEM_Soft_Delete_Base) { |
| 78 | 78 | // then if they don't have the other cap, |
| 79 | 79 | // AT MOST show them their own or non deleted ones |
| 80 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 80 | + $restrictions[EE_Restriction_Generator_Base::get_cap_name( |
|
| 81 | 81 | $this->model(), |
| 82 | - $this->action() . '_others' |
|
| 83 | - ) ] = new EE_Default_Where_Conditions( |
|
| 82 | + $this->action().'_others' |
|
| 83 | + )] = new EE_Default_Where_Conditions( |
|
| 84 | 84 | [ |
| 85 | - 'OR*' . |
|
| 85 | + 'OR*'. |
|
| 86 | 86 | EE_Restriction_Generator_Base::get_cap_name( |
| 87 | 87 | $this->model(), |
| 88 | - $this->action() . '_others' |
|
| 88 | + $this->action().'_others' |
|
| 89 | 89 | ) => [ |
| 90 | 90 | EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
| 91 | 91 | $this->model()->deleted_field_name( |
@@ -101,20 +101,20 @@ discard block |
||
| 101 | 101 | if ( |
| 102 | 102 | EE_Restriction_Generator_Base::is_cap( |
| 103 | 103 | $this->model(), |
| 104 | - $this->action() . '_private' |
|
| 104 | + $this->action().'_private' |
|
| 105 | 105 | ) && $this->model() instanceof EEM_CPT_Base |
| 106 | 106 | ) { |
| 107 | 107 | // if they have basic and others, but not private, |
| 108 | 108 | // restrict them to see theirs and others' that aren't private |
| 109 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 109 | + $restrictions[EE_Restriction_Generator_Base::get_cap_name( |
|
| 110 | 110 | $this->model(), |
| 111 | - $this->action() . '_private' |
|
| 112 | - ) ] = new EE_Default_Where_Conditions( |
|
| 111 | + $this->action().'_private' |
|
| 112 | + )] = new EE_Default_Where_Conditions( |
|
| 113 | 113 | [ |
| 114 | - 'OR*' . |
|
| 114 | + 'OR*'. |
|
| 115 | 115 | EE_Restriction_Generator_Base::get_cap_name( |
| 116 | 116 | $this->model(), |
| 117 | - $this->action() . '_private' |
|
| 117 | + $this->action().'_private' |
|
| 118 | 118 | ) => $this->addPublishedPostConditions( |
| 119 | 119 | [ |
| 120 | 120 | EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
@@ -11,123 +11,123 @@ |
||
| 11 | 11 | */ |
| 12 | 12 | class EE_Restriction_Generator_Public extends EE_Restriction_Generator_Base |
| 13 | 13 | { |
| 14 | - /** |
|
| 15 | - * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 16 | - * @throws EE_Error |
|
| 17 | - */ |
|
| 18 | - protected function _generate_restrictions(): array |
|
| 19 | - { |
|
| 20 | - // if there are no standard caps for this model, then for allow full access |
|
| 21 | - if (! $this->model()->cap_slug()) { |
|
| 22 | - return []; |
|
| 23 | - } |
|
| 14 | + /** |
|
| 15 | + * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 16 | + * @throws EE_Error |
|
| 17 | + */ |
|
| 18 | + protected function _generate_restrictions(): array |
|
| 19 | + { |
|
| 20 | + // if there are no standard caps for this model, then for allow full access |
|
| 21 | + if (! $this->model()->cap_slug()) { |
|
| 22 | + return []; |
|
| 23 | + } |
|
| 24 | 24 | |
| 25 | - $restrictions = []; |
|
| 26 | - // does the basic cap exist? (eg 'ee_read_registrations') |
|
| 27 | - if ( |
|
| 28 | - EE_Restriction_Generator_Base::is_cap( |
|
| 29 | - $this->model(), |
|
| 30 | - $this->action() |
|
| 31 | - ) |
|
| 32 | - ) { |
|
| 33 | - if ($this->model() instanceof EEM_CPT_Base) { |
|
| 34 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 35 | - $this->model(), |
|
| 36 | - $this->action() |
|
| 37 | - ) ] = new EE_Default_Where_Conditions( |
|
| 38 | - $this->addPublishedPostConditions() |
|
| 39 | - ); |
|
| 40 | - } elseif ($this->model() instanceof EEM_Soft_Delete_Base) { |
|
| 41 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 42 | - $this->model(), |
|
| 43 | - $this->action() |
|
| 44 | - ) ] = new EE_Default_Where_Conditions( |
|
| 45 | - [$this->model()->deleted_field_name() => false] |
|
| 46 | - ); |
|
| 47 | - } |
|
| 48 | - // don't impose any restrictions if they don't have the basic reading cap |
|
| 25 | + $restrictions = []; |
|
| 26 | + // does the basic cap exist? (eg 'ee_read_registrations') |
|
| 27 | + if ( |
|
| 28 | + EE_Restriction_Generator_Base::is_cap( |
|
| 29 | + $this->model(), |
|
| 30 | + $this->action() |
|
| 31 | + ) |
|
| 32 | + ) { |
|
| 33 | + if ($this->model() instanceof EEM_CPT_Base) { |
|
| 34 | + $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 35 | + $this->model(), |
|
| 36 | + $this->action() |
|
| 37 | + ) ] = new EE_Default_Where_Conditions( |
|
| 38 | + $this->addPublishedPostConditions() |
|
| 39 | + ); |
|
| 40 | + } elseif ($this->model() instanceof EEM_Soft_Delete_Base) { |
|
| 41 | + $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 42 | + $this->model(), |
|
| 43 | + $this->action() |
|
| 44 | + ) ] = new EE_Default_Where_Conditions( |
|
| 45 | + [$this->model()->deleted_field_name() => false] |
|
| 46 | + ); |
|
| 47 | + } |
|
| 48 | + // don't impose any restrictions if they don't have the basic reading cap |
|
| 49 | 49 | |
| 50 | - // does the others cap exist? (eg 'ee_read_others_registrations') |
|
| 51 | - if ( |
|
| 52 | - EE_Restriction_Generator_Base::is_cap( |
|
| 53 | - $this->model(), |
|
| 54 | - $this->action() . '_others' |
|
| 55 | - ) |
|
| 56 | - ) {// both caps exist |
|
| 57 | - if ($this->model() instanceof EEM_CPT_Base) { |
|
| 58 | - // then if they don't have the others cap, |
|
| 59 | - // AT MOST show them their own and other published ones |
|
| 60 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 61 | - $this->model(), |
|
| 62 | - $this->action() . '_others' |
|
| 63 | - ) ] = new EE_Default_Where_Conditions( |
|
| 64 | - [ |
|
| 65 | - 'OR*' . |
|
| 66 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 67 | - $this->model(), |
|
| 68 | - $this->action() . '_others' |
|
| 69 | - ) => $this->addPublishedPostConditions( |
|
| 70 | - [ |
|
| 71 | - EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 72 | - ] |
|
| 73 | - ), |
|
| 74 | - ] |
|
| 75 | - ); |
|
| 76 | - } elseif ($this->model() instanceof EEM_Soft_Delete_Base) { |
|
| 77 | - // then if they don't have the other cap, |
|
| 78 | - // AT MOST show them their own or non deleted ones |
|
| 79 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 80 | - $this->model(), |
|
| 81 | - $this->action() . '_others' |
|
| 82 | - ) ] = new EE_Default_Where_Conditions( |
|
| 83 | - [ |
|
| 84 | - 'OR*' . |
|
| 85 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 86 | - $this->model(), |
|
| 87 | - $this->action() . '_others' |
|
| 88 | - ) => [ |
|
| 89 | - EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 90 | - $this->model()->deleted_field_name( |
|
| 91 | - ) => false, |
|
| 92 | - ], |
|
| 93 | - ] |
|
| 94 | - ); |
|
| 95 | - } |
|
| 96 | - // again, if they don't have the others cap, |
|
| 97 | - // continue showing all because there are no inherently hidden ones |
|
| 50 | + // does the others cap exist? (eg 'ee_read_others_registrations') |
|
| 51 | + if ( |
|
| 52 | + EE_Restriction_Generator_Base::is_cap( |
|
| 53 | + $this->model(), |
|
| 54 | + $this->action() . '_others' |
|
| 55 | + ) |
|
| 56 | + ) {// both caps exist |
|
| 57 | + if ($this->model() instanceof EEM_CPT_Base) { |
|
| 58 | + // then if they don't have the others cap, |
|
| 59 | + // AT MOST show them their own and other published ones |
|
| 60 | + $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 61 | + $this->model(), |
|
| 62 | + $this->action() . '_others' |
|
| 63 | + ) ] = new EE_Default_Where_Conditions( |
|
| 64 | + [ |
|
| 65 | + 'OR*' . |
|
| 66 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 67 | + $this->model(), |
|
| 68 | + $this->action() . '_others' |
|
| 69 | + ) => $this->addPublishedPostConditions( |
|
| 70 | + [ |
|
| 71 | + EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 72 | + ] |
|
| 73 | + ), |
|
| 74 | + ] |
|
| 75 | + ); |
|
| 76 | + } elseif ($this->model() instanceof EEM_Soft_Delete_Base) { |
|
| 77 | + // then if they don't have the other cap, |
|
| 78 | + // AT MOST show them their own or non deleted ones |
|
| 79 | + $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 80 | + $this->model(), |
|
| 81 | + $this->action() . '_others' |
|
| 82 | + ) ] = new EE_Default_Where_Conditions( |
|
| 83 | + [ |
|
| 84 | + 'OR*' . |
|
| 85 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 86 | + $this->model(), |
|
| 87 | + $this->action() . '_others' |
|
| 88 | + ) => [ |
|
| 89 | + EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 90 | + $this->model()->deleted_field_name( |
|
| 91 | + ) => false, |
|
| 92 | + ], |
|
| 93 | + ] |
|
| 94 | + ); |
|
| 95 | + } |
|
| 96 | + // again, if they don't have the others cap, |
|
| 97 | + // continue showing all because there are no inherently hidden ones |
|
| 98 | 98 | |
| 99 | - // does the private cap exist (eg 'ee_read_others_private_events') |
|
| 100 | - if ( |
|
| 101 | - EE_Restriction_Generator_Base::is_cap( |
|
| 102 | - $this->model(), |
|
| 103 | - $this->action() . '_private' |
|
| 104 | - ) && $this->model() instanceof EEM_CPT_Base |
|
| 105 | - ) { |
|
| 106 | - // if they have basic and others, but not private, |
|
| 107 | - // restrict them to see theirs and others' that aren't private |
|
| 108 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 109 | - $this->model(), |
|
| 110 | - $this->action() . '_private' |
|
| 111 | - ) ] = new EE_Default_Where_Conditions( |
|
| 112 | - [ |
|
| 113 | - 'OR*' . |
|
| 114 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 115 | - $this->model(), |
|
| 116 | - $this->action() . '_private' |
|
| 117 | - ) => $this->addPublishedPostConditions( |
|
| 118 | - [ |
|
| 119 | - EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 120 | - ], |
|
| 121 | - false |
|
| 122 | - ), |
|
| 123 | - ] |
|
| 124 | - ); |
|
| 125 | - } |
|
| 126 | - } |
|
| 127 | - } else { |
|
| 128 | - // there is no basic cap. So allow full access |
|
| 129 | - $restrictions = []; |
|
| 130 | - } |
|
| 131 | - return $restrictions; |
|
| 132 | - } |
|
| 99 | + // does the private cap exist (eg 'ee_read_others_private_events') |
|
| 100 | + if ( |
|
| 101 | + EE_Restriction_Generator_Base::is_cap( |
|
| 102 | + $this->model(), |
|
| 103 | + $this->action() . '_private' |
|
| 104 | + ) && $this->model() instanceof EEM_CPT_Base |
|
| 105 | + ) { |
|
| 106 | + // if they have basic and others, but not private, |
|
| 107 | + // restrict them to see theirs and others' that aren't private |
|
| 108 | + $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 109 | + $this->model(), |
|
| 110 | + $this->action() . '_private' |
|
| 111 | + ) ] = new EE_Default_Where_Conditions( |
|
| 112 | + [ |
|
| 113 | + 'OR*' . |
|
| 114 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 115 | + $this->model(), |
|
| 116 | + $this->action() . '_private' |
|
| 117 | + ) => $this->addPublishedPostConditions( |
|
| 118 | + [ |
|
| 119 | + EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 120 | + ], |
|
| 121 | + false |
|
| 122 | + ), |
|
| 123 | + ] |
|
| 124 | + ); |
|
| 125 | + } |
|
| 126 | + } |
|
| 127 | + } else { |
|
| 128 | + // there is no basic cap. So allow full access |
|
| 129 | + $restrictions = []; |
|
| 130 | + } |
|
| 131 | + return $restrictions; |
|
| 132 | + } |
|
| 133 | 133 | } |
@@ -43,7 +43,7 @@ discard block |
||
| 43 | 43 | public function __construct(string $default_field_name, string $path_to_event_model) |
| 44 | 44 | { |
| 45 | 45 | $this->_default_field_name = $default_field_name; |
| 46 | - $this->_path_to_event_model = rtrim($path_to_event_model, '.') . '.'; |
|
| 46 | + $this->_path_to_event_model = rtrim($path_to_event_model, '.').'.'; |
|
| 47 | 47 | } |
| 48 | 48 | |
| 49 | 49 | |
@@ -55,7 +55,7 @@ discard block |
||
| 55 | 55 | { |
| 56 | 56 | // if there are no standard caps for this model, then for now |
| 57 | 57 | // all we know is if they need the default cap to access this |
| 58 | - if (! $this->model()->cap_slug()) { |
|
| 58 | + if ( ! $this->model()->cap_slug()) { |
|
| 59 | 59 | return [ |
| 60 | 60 | self::get_default_restrictions_cap() => new EE_Return_None_Where_Conditions(), |
| 61 | 61 | ]; |
@@ -83,7 +83,7 @@ discard block |
||
| 83 | 83 | // if they don't have the "others" default capability, |
| 84 | 84 | // restrict access to only their default ones, and non-default ones |
| 85 | 85 | if (EE_Restriction_Generator_Base::is_cap($this->model(), $others_default)) { |
| 86 | - $restrictions[ $this->getCapKey($this->model(), $others_default) ] = $this->othersDefaultRestrictions( |
|
| 86 | + $restrictions[$this->getCapKey($this->model(), $others_default)] = $this->othersDefaultRestrictions( |
|
| 87 | 87 | $others_default |
| 88 | 88 | ); |
| 89 | 89 | } |
@@ -126,9 +126,9 @@ discard block |
||
| 126 | 126 | [ |
| 127 | 127 | // if they don't have the others default cap, they can't access others default items |
| 128 | 128 | // (but they can access their own default items, and non-default items) |
| 129 | - 'OR*no_' . $this->getCapKey($this->model(), $action) => [ |
|
| 129 | + 'OR*no_'.$this->getCapKey($this->model(), $action) => [ |
|
| 130 | 130 | 'AND' => [ |
| 131 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 131 | + $this->_path_to_event_model.'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 132 | 132 | $this->_default_field_name => true, |
| 133 | 133 | ], |
| 134 | 134 | $this->_default_field_name => false, |
@@ -148,8 +148,8 @@ discard block |
||
| 148 | 148 | { |
| 149 | 149 | return new EE_Default_Where_Conditions( |
| 150 | 150 | [ |
| 151 | - 'OR*no_' . $this->getCapKey($event_model, $action) => [ |
|
| 152 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 151 | + 'OR*no_'.$this->getCapKey($event_model, $action) => [ |
|
| 152 | + $this->_path_to_event_model.'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 153 | 153 | ], |
| 154 | 154 | $this->_default_field_name => true, |
| 155 | 155 | ] |
@@ -167,9 +167,9 @@ discard block |
||
| 167 | 167 | { |
| 168 | 168 | return new EE_Default_Where_Conditions( |
| 169 | 169 | [ |
| 170 | - 'OR*no_' . $this->getCapKey($event_model, $action) => [ |
|
| 171 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 172 | - $this->_path_to_event_model . 'status' => ['!=', 'private'], |
|
| 170 | + 'OR*no_'.$this->getCapKey($event_model, $action) => [ |
|
| 171 | + $this->_path_to_event_model.'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 172 | + $this->_path_to_event_model.'status' => ['!=', 'private'], |
|
| 173 | 173 | $this->_default_field_name => true, |
| 174 | 174 | ], |
| 175 | 175 | ] |
@@ -14,164 +14,164 @@ |
||
| 14 | 14 | */ |
| 15 | 15 | class EE_Restriction_Generator_Default_Protected extends EE_Restriction_Generator_Base |
| 16 | 16 | { |
| 17 | - /** |
|
| 18 | - * Name of the field on this model (or a related model, including the model chain to it) |
|
| 19 | - * that is a boolean indicating whether or not a model object is considered "Default" or not |
|
| 20 | - * |
|
| 21 | - * @var string |
|
| 22 | - */ |
|
| 23 | - protected $_default_field_name; |
|
| 24 | - |
|
| 25 | - /** |
|
| 26 | - * The model chain to follow to get to the event model, including the event model itself. |
|
| 27 | - * Eg 'Ticket.Datetime.Event' |
|
| 28 | - * |
|
| 29 | - * @var string |
|
| 30 | - */ |
|
| 31 | - protected $_path_to_event_model; |
|
| 32 | - |
|
| 33 | - |
|
| 34 | - /** |
|
| 35 | - * @param string $default_field_name the name of the field Name of the field on this model |
|
| 36 | - * (or a related model, including the model chain to it) |
|
| 37 | - * that is a boolean indicating whether or not a model object |
|
| 38 | - * is considered "Default" or not |
|
| 39 | - * @param string $path_to_event_model The model chain to follow to get to the event model, |
|
| 40 | - * including the event model itself. Eg 'Ticket.Datetime.Event' |
|
| 41 | - */ |
|
| 42 | - public function __construct(string $default_field_name, string $path_to_event_model) |
|
| 43 | - { |
|
| 44 | - $this->_default_field_name = $default_field_name; |
|
| 45 | - $this->_path_to_event_model = rtrim($path_to_event_model, '.') . '.'; |
|
| 46 | - } |
|
| 47 | - |
|
| 48 | - |
|
| 49 | - /** |
|
| 50 | - * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 51 | - * @throws EE_Error |
|
| 52 | - */ |
|
| 53 | - protected function _generate_restrictions(): array |
|
| 54 | - { |
|
| 55 | - // if there are no standard caps for this model, then for now |
|
| 56 | - // all we know is if they need the default cap to access this |
|
| 57 | - if (! $this->model()->cap_slug()) { |
|
| 58 | - return [ |
|
| 59 | - self::get_default_restrictions_cap() => new EE_Return_None_Where_Conditions(), |
|
| 60 | - ]; |
|
| 61 | - } |
|
| 62 | - |
|
| 63 | - $action = $this->action(); |
|
| 64 | - $others = "{$action}_others"; |
|
| 65 | - $private = "{$action}_private"; |
|
| 66 | - $default = "{$action}_default"; |
|
| 67 | - $others_default = "{$action}_others_default"; |
|
| 68 | - $event_model = EEM_Event::instance(); |
|
| 69 | - |
|
| 70 | - $restrictions = [ |
|
| 71 | - // first: access to non-defaults is essentially controlled by which events are accessible |
|
| 72 | - // if they don't have the basic event cap, they can't access ANY non-default items |
|
| 73 | - $this->getCapKey($event_model, $action) => $this->nonDefaultRestrictions(true), |
|
| 74 | - // if they don't have the others event cap, they can't access others' non-default items |
|
| 75 | - $this->getCapKey($event_model, $others) => $this->othersNonDefaultRestrictions($event_model, $others), |
|
| 76 | - // if they have basic and others, but not private, they can't access others' private non-default items |
|
| 77 | - $this->getCapKey($event_model, $private) => $this->privateRestrictions($event_model, $private), |
|
| 78 | - // second: access to defaults is controlled by the default capabilities |
|
| 79 | - // if they don't have the default capability, restrict access to only non-default items |
|
| 80 | - $this->getCapKey($this->model(), $default) => $this->nonDefaultRestrictions(false), |
|
| 81 | - ]; |
|
| 82 | - // if they don't have the "others" default capability, |
|
| 83 | - // restrict access to only their default ones, and non-default ones |
|
| 84 | - if (EE_Restriction_Generator_Base::is_cap($this->model(), $others_default)) { |
|
| 85 | - $restrictions[ $this->getCapKey($this->model(), $others_default) ] = $this->othersDefaultRestrictions( |
|
| 86 | - $others_default |
|
| 87 | - ); |
|
| 88 | - } |
|
| 89 | - return $restrictions; |
|
| 90 | - } |
|
| 91 | - |
|
| 92 | - |
|
| 93 | - /** |
|
| 94 | - * @param EEM_Base $model |
|
| 95 | - * @param string $action |
|
| 96 | - * @return string |
|
| 97 | - * @since 5.0.0.p |
|
| 98 | - */ |
|
| 99 | - private function getCapKey(EEM_Base $model, string $action): string |
|
| 100 | - { |
|
| 101 | - return EE_Restriction_Generator_Base::get_cap_name($model, $action); |
|
| 102 | - } |
|
| 103 | - |
|
| 104 | - |
|
| 105 | - /** |
|
| 106 | - * @param bool $use_default_field_name |
|
| 107 | - * @return EE_Default_Where_Conditions |
|
| 108 | - * @since 5.0.0.p |
|
| 109 | - */ |
|
| 110 | - private function nonDefaultRestrictions(bool $use_default_field_name): EE_Default_Where_Conditions |
|
| 111 | - { |
|
| 112 | - return new EE_Default_Where_Conditions([$this->_default_field_name => $use_default_field_name]); |
|
| 113 | - } |
|
| 114 | - |
|
| 115 | - |
|
| 116 | - /** |
|
| 117 | - * @param string $action |
|
| 118 | - * @return EE_Default_Where_Conditions |
|
| 119 | - * @throws EE_Error |
|
| 120 | - * @since 5.0.0.p |
|
| 121 | - */ |
|
| 122 | - private function othersDefaultRestrictions(string $action): EE_Default_Where_Conditions |
|
| 123 | - { |
|
| 124 | - return new EE_Default_Where_Conditions( |
|
| 125 | - [ |
|
| 126 | - // if they don't have the others default cap, they can't access others default items |
|
| 127 | - // (but they can access their own default items, and non-default items) |
|
| 128 | - 'OR*no_' . $this->getCapKey($this->model(), $action) => [ |
|
| 129 | - 'AND' => [ |
|
| 130 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 131 | - $this->_default_field_name => true, |
|
| 132 | - ], |
|
| 133 | - $this->_default_field_name => false, |
|
| 134 | - ], |
|
| 135 | - ] |
|
| 136 | - ); |
|
| 137 | - } |
|
| 138 | - |
|
| 139 | - |
|
| 140 | - /** |
|
| 141 | - * @param EEM_Event $event_model |
|
| 142 | - * @param string $action |
|
| 143 | - * @return EE_Default_Where_Conditions |
|
| 144 | - * @since 5.0.0.p |
|
| 145 | - */ |
|
| 146 | - private function othersNonDefaultRestrictions(EEM_Event $event_model, string $action): EE_Default_Where_Conditions |
|
| 147 | - { |
|
| 148 | - return new EE_Default_Where_Conditions( |
|
| 149 | - [ |
|
| 150 | - 'OR*no_' . $this->getCapKey($event_model, $action) => [ |
|
| 151 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 152 | - ], |
|
| 153 | - $this->_default_field_name => true, |
|
| 154 | - ] |
|
| 155 | - ); |
|
| 156 | - } |
|
| 157 | - |
|
| 158 | - |
|
| 159 | - /** |
|
| 160 | - * @param EEM_Event $event_model |
|
| 161 | - * @param string $action |
|
| 162 | - * @return EE_Default_Where_Conditions |
|
| 163 | - * @since 5.0.0.p |
|
| 164 | - */ |
|
| 165 | - private function privateRestrictions(EEM_Event $event_model, string $action): EE_Default_Where_Conditions |
|
| 166 | - { |
|
| 167 | - return new EE_Default_Where_Conditions( |
|
| 168 | - [ |
|
| 169 | - 'OR*no_' . $this->getCapKey($event_model, $action) => [ |
|
| 170 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 171 | - $this->_path_to_event_model . 'status' => ['!=', 'private'], |
|
| 172 | - $this->_default_field_name => true, |
|
| 173 | - ], |
|
| 174 | - ] |
|
| 175 | - ); |
|
| 176 | - } |
|
| 17 | + /** |
|
| 18 | + * Name of the field on this model (or a related model, including the model chain to it) |
|
| 19 | + * that is a boolean indicating whether or not a model object is considered "Default" or not |
|
| 20 | + * |
|
| 21 | + * @var string |
|
| 22 | + */ |
|
| 23 | + protected $_default_field_name; |
|
| 24 | + |
|
| 25 | + /** |
|
| 26 | + * The model chain to follow to get to the event model, including the event model itself. |
|
| 27 | + * Eg 'Ticket.Datetime.Event' |
|
| 28 | + * |
|
| 29 | + * @var string |
|
| 30 | + */ |
|
| 31 | + protected $_path_to_event_model; |
|
| 32 | + |
|
| 33 | + |
|
| 34 | + /** |
|
| 35 | + * @param string $default_field_name the name of the field Name of the field on this model |
|
| 36 | + * (or a related model, including the model chain to it) |
|
| 37 | + * that is a boolean indicating whether or not a model object |
|
| 38 | + * is considered "Default" or not |
|
| 39 | + * @param string $path_to_event_model The model chain to follow to get to the event model, |
|
| 40 | + * including the event model itself. Eg 'Ticket.Datetime.Event' |
|
| 41 | + */ |
|
| 42 | + public function __construct(string $default_field_name, string $path_to_event_model) |
|
| 43 | + { |
|
| 44 | + $this->_default_field_name = $default_field_name; |
|
| 45 | + $this->_path_to_event_model = rtrim($path_to_event_model, '.') . '.'; |
|
| 46 | + } |
|
| 47 | + |
|
| 48 | + |
|
| 49 | + /** |
|
| 50 | + * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 51 | + * @throws EE_Error |
|
| 52 | + */ |
|
| 53 | + protected function _generate_restrictions(): array |
|
| 54 | + { |
|
| 55 | + // if there are no standard caps for this model, then for now |
|
| 56 | + // all we know is if they need the default cap to access this |
|
| 57 | + if (! $this->model()->cap_slug()) { |
|
| 58 | + return [ |
|
| 59 | + self::get_default_restrictions_cap() => new EE_Return_None_Where_Conditions(), |
|
| 60 | + ]; |
|
| 61 | + } |
|
| 62 | + |
|
| 63 | + $action = $this->action(); |
|
| 64 | + $others = "{$action}_others"; |
|
| 65 | + $private = "{$action}_private"; |
|
| 66 | + $default = "{$action}_default"; |
|
| 67 | + $others_default = "{$action}_others_default"; |
|
| 68 | + $event_model = EEM_Event::instance(); |
|
| 69 | + |
|
| 70 | + $restrictions = [ |
|
| 71 | + // first: access to non-defaults is essentially controlled by which events are accessible |
|
| 72 | + // if they don't have the basic event cap, they can't access ANY non-default items |
|
| 73 | + $this->getCapKey($event_model, $action) => $this->nonDefaultRestrictions(true), |
|
| 74 | + // if they don't have the others event cap, they can't access others' non-default items |
|
| 75 | + $this->getCapKey($event_model, $others) => $this->othersNonDefaultRestrictions($event_model, $others), |
|
| 76 | + // if they have basic and others, but not private, they can't access others' private non-default items |
|
| 77 | + $this->getCapKey($event_model, $private) => $this->privateRestrictions($event_model, $private), |
|
| 78 | + // second: access to defaults is controlled by the default capabilities |
|
| 79 | + // if they don't have the default capability, restrict access to only non-default items |
|
| 80 | + $this->getCapKey($this->model(), $default) => $this->nonDefaultRestrictions(false), |
|
| 81 | + ]; |
|
| 82 | + // if they don't have the "others" default capability, |
|
| 83 | + // restrict access to only their default ones, and non-default ones |
|
| 84 | + if (EE_Restriction_Generator_Base::is_cap($this->model(), $others_default)) { |
|
| 85 | + $restrictions[ $this->getCapKey($this->model(), $others_default) ] = $this->othersDefaultRestrictions( |
|
| 86 | + $others_default |
|
| 87 | + ); |
|
| 88 | + } |
|
| 89 | + return $restrictions; |
|
| 90 | + } |
|
| 91 | + |
|
| 92 | + |
|
| 93 | + /** |
|
| 94 | + * @param EEM_Base $model |
|
| 95 | + * @param string $action |
|
| 96 | + * @return string |
|
| 97 | + * @since 5.0.0.p |
|
| 98 | + */ |
|
| 99 | + private function getCapKey(EEM_Base $model, string $action): string |
|
| 100 | + { |
|
| 101 | + return EE_Restriction_Generator_Base::get_cap_name($model, $action); |
|
| 102 | + } |
|
| 103 | + |
|
| 104 | + |
|
| 105 | + /** |
|
| 106 | + * @param bool $use_default_field_name |
|
| 107 | + * @return EE_Default_Where_Conditions |
|
| 108 | + * @since 5.0.0.p |
|
| 109 | + */ |
|
| 110 | + private function nonDefaultRestrictions(bool $use_default_field_name): EE_Default_Where_Conditions |
|
| 111 | + { |
|
| 112 | + return new EE_Default_Where_Conditions([$this->_default_field_name => $use_default_field_name]); |
|
| 113 | + } |
|
| 114 | + |
|
| 115 | + |
|
| 116 | + /** |
|
| 117 | + * @param string $action |
|
| 118 | + * @return EE_Default_Where_Conditions |
|
| 119 | + * @throws EE_Error |
|
| 120 | + * @since 5.0.0.p |
|
| 121 | + */ |
|
| 122 | + private function othersDefaultRestrictions(string $action): EE_Default_Where_Conditions |
|
| 123 | + { |
|
| 124 | + return new EE_Default_Where_Conditions( |
|
| 125 | + [ |
|
| 126 | + // if they don't have the others default cap, they can't access others default items |
|
| 127 | + // (but they can access their own default items, and non-default items) |
|
| 128 | + 'OR*no_' . $this->getCapKey($this->model(), $action) => [ |
|
| 129 | + 'AND' => [ |
|
| 130 | + $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 131 | + $this->_default_field_name => true, |
|
| 132 | + ], |
|
| 133 | + $this->_default_field_name => false, |
|
| 134 | + ], |
|
| 135 | + ] |
|
| 136 | + ); |
|
| 137 | + } |
|
| 138 | + |
|
| 139 | + |
|
| 140 | + /** |
|
| 141 | + * @param EEM_Event $event_model |
|
| 142 | + * @param string $action |
|
| 143 | + * @return EE_Default_Where_Conditions |
|
| 144 | + * @since 5.0.0.p |
|
| 145 | + */ |
|
| 146 | + private function othersNonDefaultRestrictions(EEM_Event $event_model, string $action): EE_Default_Where_Conditions |
|
| 147 | + { |
|
| 148 | + return new EE_Default_Where_Conditions( |
|
| 149 | + [ |
|
| 150 | + 'OR*no_' . $this->getCapKey($event_model, $action) => [ |
|
| 151 | + $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 152 | + ], |
|
| 153 | + $this->_default_field_name => true, |
|
| 154 | + ] |
|
| 155 | + ); |
|
| 156 | + } |
|
| 157 | + |
|
| 158 | + |
|
| 159 | + /** |
|
| 160 | + * @param EEM_Event $event_model |
|
| 161 | + * @param string $action |
|
| 162 | + * @return EE_Default_Where_Conditions |
|
| 163 | + * @since 5.0.0.p |
|
| 164 | + */ |
|
| 165 | + private function privateRestrictions(EEM_Event $event_model, string $action): EE_Default_Where_Conditions |
|
| 166 | + { |
|
| 167 | + return new EE_Default_Where_Conditions( |
|
| 168 | + [ |
|
| 169 | + 'OR*no_' . $this->getCapKey($event_model, $action) => [ |
|
| 170 | + $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 171 | + $this->_path_to_event_model . 'status' => ['!=', 'private'], |
|
| 172 | + $this->_default_field_name => true, |
|
| 173 | + ], |
|
| 174 | + ] |
|
| 175 | + ); |
|
| 176 | + } |
|
| 177 | 177 | } |
@@ -29,7 +29,7 @@ discard block |
||
| 29 | 29 | { |
| 30 | 30 | // if there are no standard caps for this model, then for now all we know |
| 31 | 31 | // if they need the default cap to access this |
| 32 | - if (! $this->model()->cap_slug()) { |
|
| 32 | + if ( ! $this->model()->cap_slug()) { |
|
| 33 | 33 | return [ |
| 34 | 34 | EE_Restriction_Generator_Base::get_default_restrictions_cap( |
| 35 | 35 | ) => new EE_Return_None_Where_Conditions(), |
@@ -44,22 +44,22 @@ discard block |
||
| 44 | 44 | $this->action() |
| 45 | 45 | ) |
| 46 | 46 | ) { |
| 47 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 47 | + $restrictions[EE_Restriction_Generator_Base::get_cap_name( |
|
| 48 | 48 | $this->model(), |
| 49 | 49 | $this->action() |
| 50 | - ) ] = new EE_Return_None_Where_Conditions(); |
|
| 50 | + )] = new EE_Return_None_Where_Conditions(); |
|
| 51 | 51 | // does the others cap exist? (eg 'ee_read_others_registrations') |
| 52 | 52 | if ( |
| 53 | 53 | EE_Restriction_Generator_Base::is_cap( |
| 54 | 54 | $this->model(), |
| 55 | - $this->action() . '_others' |
|
| 55 | + $this->action().'_others' |
|
| 56 | 56 | ) |
| 57 | 57 | ) { |
| 58 | 58 | // both caps exist |
| 59 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 59 | + $restrictions[EE_Restriction_Generator_Base::get_cap_name( |
|
| 60 | 60 | $this->model(), |
| 61 | - $this->action() . '_others' |
|
| 62 | - ) ] = new EE_Default_Where_Conditions( |
|
| 61 | + $this->action().'_others' |
|
| 62 | + )] = new EE_Default_Where_Conditions( |
|
| 63 | 63 | [ |
| 64 | 64 | EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
| 65 | 65 | ] |
@@ -68,20 +68,20 @@ discard block |
||
| 68 | 68 | if ( |
| 69 | 69 | EE_Restriction_Generator_Base::is_cap( |
| 70 | 70 | $this->model(), |
| 71 | - $this->action() . '_private' |
|
| 71 | + $this->action().'_private' |
|
| 72 | 72 | ) && $this->model() instanceof EEM_CPT_Base |
| 73 | 73 | ) { |
| 74 | 74 | // if they have basic and others, but not private, |
| 75 | 75 | // restrict them to see theirs and others' that aren't private |
| 76 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 76 | + $restrictions[EE_Restriction_Generator_Base::get_cap_name( |
|
| 77 | 77 | $this->model(), |
| 78 | - $this->action() . '_private' |
|
| 79 | - ) ] = new EE_Default_Where_Conditions( |
|
| 78 | + $this->action().'_private' |
|
| 79 | + )] = new EE_Default_Where_Conditions( |
|
| 80 | 80 | [ |
| 81 | - 'OR*no_' . |
|
| 81 | + 'OR*no_'. |
|
| 82 | 82 | EE_Restriction_Generator_Base::get_cap_name( |
| 83 | 83 | $this->model(), |
| 84 | - $this->action() . '_private' |
|
| 84 | + $this->action().'_private' |
|
| 85 | 85 | ) => [ |
| 86 | 86 | EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
| 87 | 87 | 'status' => [ |
@@ -96,8 +96,8 @@ discard block |
||
| 96 | 96 | } else { |
| 97 | 97 | // there is no basic cap. |
| 98 | 98 | // So they can only access this if they have the default admin cap |
| 99 | - $restrictions[ EE_Restriction_Generator_Base::get_default_restrictions_cap( |
|
| 100 | - ) ] = new EE_Return_None_Where_Conditions(); |
|
| 99 | + $restrictions[EE_Restriction_Generator_Base::get_default_restrictions_cap( |
|
| 100 | + )] = new EE_Return_None_Where_Conditions(); |
|
| 101 | 101 | } |
| 102 | 102 | return $restrictions; |
| 103 | 103 | } |
@@ -20,84 +20,84 @@ |
||
| 20 | 20 | */ |
| 21 | 21 | class EE_Restriction_Generator_Protected extends EE_Restriction_Generator_Base |
| 22 | 22 | { |
| 23 | - /** |
|
| 24 | - * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 25 | - * @throws EE_Error |
|
| 26 | - */ |
|
| 27 | - protected function _generate_restrictions(): array |
|
| 28 | - { |
|
| 29 | - // if there are no standard caps for this model, then for now all we know |
|
| 30 | - // if they need the default cap to access this |
|
| 31 | - if (! $this->model()->cap_slug()) { |
|
| 32 | - return [ |
|
| 33 | - EE_Restriction_Generator_Base::get_default_restrictions_cap( |
|
| 34 | - ) => new EE_Return_None_Where_Conditions(), |
|
| 35 | - ]; |
|
| 36 | - } |
|
| 23 | + /** |
|
| 24 | + * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 25 | + * @throws EE_Error |
|
| 26 | + */ |
|
| 27 | + protected function _generate_restrictions(): array |
|
| 28 | + { |
|
| 29 | + // if there are no standard caps for this model, then for now all we know |
|
| 30 | + // if they need the default cap to access this |
|
| 31 | + if (! $this->model()->cap_slug()) { |
|
| 32 | + return [ |
|
| 33 | + EE_Restriction_Generator_Base::get_default_restrictions_cap( |
|
| 34 | + ) => new EE_Return_None_Where_Conditions(), |
|
| 35 | + ]; |
|
| 36 | + } |
|
| 37 | 37 | |
| 38 | - $restrictions = []; |
|
| 39 | - // does the basic cap exist? (eg 'ee_read_registrations') |
|
| 40 | - if ( |
|
| 41 | - EE_Restriction_Generator_Base::is_cap( |
|
| 42 | - $this->model(), |
|
| 43 | - $this->action() |
|
| 44 | - ) |
|
| 45 | - ) { |
|
| 46 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 47 | - $this->model(), |
|
| 48 | - $this->action() |
|
| 49 | - ) ] = new EE_Return_None_Where_Conditions(); |
|
| 50 | - // does the others cap exist? (eg 'ee_read_others_registrations') |
|
| 51 | - if ( |
|
| 52 | - EE_Restriction_Generator_Base::is_cap( |
|
| 53 | - $this->model(), |
|
| 54 | - $this->action() . '_others' |
|
| 55 | - ) |
|
| 56 | - ) { |
|
| 57 | - // both caps exist |
|
| 58 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 59 | - $this->model(), |
|
| 60 | - $this->action() . '_others' |
|
| 61 | - ) ] = new EE_Default_Where_Conditions( |
|
| 62 | - [ |
|
| 63 | - EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 64 | - ] |
|
| 65 | - ); |
|
| 66 | - // does the private cap exist (eg 'ee_read_others_private_events') |
|
| 67 | - if ( |
|
| 68 | - EE_Restriction_Generator_Base::is_cap( |
|
| 69 | - $this->model(), |
|
| 70 | - $this->action() . '_private' |
|
| 71 | - ) && $this->model() instanceof EEM_CPT_Base |
|
| 72 | - ) { |
|
| 73 | - // if they have basic and others, but not private, |
|
| 74 | - // restrict them to see theirs and others' that aren't private |
|
| 75 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 76 | - $this->model(), |
|
| 77 | - $this->action() . '_private' |
|
| 78 | - ) ] = new EE_Default_Where_Conditions( |
|
| 79 | - [ |
|
| 80 | - 'OR*no_' . |
|
| 81 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 82 | - $this->model(), |
|
| 83 | - $this->action() . '_private' |
|
| 84 | - ) => [ |
|
| 85 | - EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 86 | - 'status' => [ |
|
| 87 | - '!=', |
|
| 88 | - 'private', |
|
| 89 | - ], |
|
| 90 | - ], |
|
| 91 | - ] |
|
| 92 | - ); |
|
| 93 | - } |
|
| 94 | - } |
|
| 95 | - } else { |
|
| 96 | - // there is no basic cap. |
|
| 97 | - // So they can only access this if they have the default admin cap |
|
| 98 | - $restrictions[ EE_Restriction_Generator_Base::get_default_restrictions_cap( |
|
| 99 | - ) ] = new EE_Return_None_Where_Conditions(); |
|
| 100 | - } |
|
| 101 | - return $restrictions; |
|
| 102 | - } |
|
| 38 | + $restrictions = []; |
|
| 39 | + // does the basic cap exist? (eg 'ee_read_registrations') |
|
| 40 | + if ( |
|
| 41 | + EE_Restriction_Generator_Base::is_cap( |
|
| 42 | + $this->model(), |
|
| 43 | + $this->action() |
|
| 44 | + ) |
|
| 45 | + ) { |
|
| 46 | + $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 47 | + $this->model(), |
|
| 48 | + $this->action() |
|
| 49 | + ) ] = new EE_Return_None_Where_Conditions(); |
|
| 50 | + // does the others cap exist? (eg 'ee_read_others_registrations') |
|
| 51 | + if ( |
|
| 52 | + EE_Restriction_Generator_Base::is_cap( |
|
| 53 | + $this->model(), |
|
| 54 | + $this->action() . '_others' |
|
| 55 | + ) |
|
| 56 | + ) { |
|
| 57 | + // both caps exist |
|
| 58 | + $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 59 | + $this->model(), |
|
| 60 | + $this->action() . '_others' |
|
| 61 | + ) ] = new EE_Default_Where_Conditions( |
|
| 62 | + [ |
|
| 63 | + EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 64 | + ] |
|
| 65 | + ); |
|
| 66 | + // does the private cap exist (eg 'ee_read_others_private_events') |
|
| 67 | + if ( |
|
| 68 | + EE_Restriction_Generator_Base::is_cap( |
|
| 69 | + $this->model(), |
|
| 70 | + $this->action() . '_private' |
|
| 71 | + ) && $this->model() instanceof EEM_CPT_Base |
|
| 72 | + ) { |
|
| 73 | + // if they have basic and others, but not private, |
|
| 74 | + // restrict them to see theirs and others' that aren't private |
|
| 75 | + $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 76 | + $this->model(), |
|
| 77 | + $this->action() . '_private' |
|
| 78 | + ) ] = new EE_Default_Where_Conditions( |
|
| 79 | + [ |
|
| 80 | + 'OR*no_' . |
|
| 81 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 82 | + $this->model(), |
|
| 83 | + $this->action() . '_private' |
|
| 84 | + ) => [ |
|
| 85 | + EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 86 | + 'status' => [ |
|
| 87 | + '!=', |
|
| 88 | + 'private', |
|
| 89 | + ], |
|
| 90 | + ], |
|
| 91 | + ] |
|
| 92 | + ); |
|
| 93 | + } |
|
| 94 | + } |
|
| 95 | + } else { |
|
| 96 | + // there is no basic cap. |
|
| 97 | + // So they can only access this if they have the default admin cap |
|
| 98 | + $restrictions[ EE_Restriction_Generator_Base::get_default_restrictions_cap( |
|
| 99 | + ) ] = new EE_Return_None_Where_Conditions(); |
|
| 100 | + } |
|
| 101 | + return $restrictions; |
|
| 102 | + } |
|
| 103 | 103 | } |
@@ -48,7 +48,7 @@ discard block |
||
| 48 | 48 | { |
| 49 | 49 | // if there are no standard caps for this model, then for now |
| 50 | 50 | // all we know is if they need the default cap to access this |
| 51 | - if (! $this->model()->cap_slug()) { |
|
| 51 | + if ( ! $this->model()->cap_slug()) { |
|
| 52 | 52 | return [ |
| 53 | 53 | EE_Restriction_Generator_Base::get_default_restrictions_cap( |
| 54 | 54 | ) => new EE_Return_None_Where_Conditions(), |
@@ -61,14 +61,14 @@ discard block |
||
| 61 | 61 | ) => new EE_Return_None_Where_Conditions(), |
| 62 | 62 | EE_Restriction_Generator_Base::get_cap_name( |
| 63 | 63 | $this->model(), |
| 64 | - $this->action() . '_others' |
|
| 64 | + $this->action().'_others' |
|
| 65 | 65 | ) => new EE_Default_Where_Conditions( |
| 66 | 66 | [ |
| 67 | 67 | // I need to be the owner, or it must be a global item |
| 68 | - 'OR*no_' . |
|
| 68 | + 'OR*no_'. |
|
| 69 | 69 | EE_Restriction_Generator_Base::get_cap_name( |
| 70 | 70 | $this->model(), |
| 71 | - $this->action() . '_others' |
|
| 71 | + $this->action().'_others' |
|
| 72 | 72 | ) => [ |
| 73 | 73 | EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
| 74 | 74 | $this->_global_field_name => true, |
@@ -77,7 +77,7 @@ discard block |
||
| 77 | 77 | ), |
| 78 | 78 | EE_Restriction_Generator_Base::get_cap_name( |
| 79 | 79 | $this->model(), |
| 80 | - $this->action() . '_global' |
|
| 80 | + $this->action().'_global' |
|
| 81 | 81 | ) => new EE_Default_Where_Conditions( |
| 82 | 82 | [ |
| 83 | 83 | // it mustn't be global |
@@ -19,70 +19,70 @@ |
||
| 19 | 19 | */ |
| 20 | 20 | class EE_Restriction_Generator_Global extends EE_Restriction_Generator_Base |
| 21 | 21 | { |
| 22 | - /** |
|
| 23 | - * name of the model field that indicates whether or not a model object is |
|
| 24 | - * "global" |
|
| 25 | - * |
|
| 26 | - * @var string |
|
| 27 | - */ |
|
| 28 | - protected $_global_field_name; |
|
| 22 | + /** |
|
| 23 | + * name of the model field that indicates whether or not a model object is |
|
| 24 | + * "global" |
|
| 25 | + * |
|
| 26 | + * @var string |
|
| 27 | + */ |
|
| 28 | + protected $_global_field_name; |
|
| 29 | 29 | |
| 30 | 30 | |
| 31 | - /** |
|
| 32 | - * @param string $global_field_name name of the model field that indicates |
|
| 33 | - * whether or not a model object is |
|
| 34 | - * "global" |
|
| 35 | - */ |
|
| 36 | - public function __construct(string $global_field_name) |
|
| 37 | - { |
|
| 38 | - $this->_global_field_name = $global_field_name; |
|
| 39 | - } |
|
| 31 | + /** |
|
| 32 | + * @param string $global_field_name name of the model field that indicates |
|
| 33 | + * whether or not a model object is |
|
| 34 | + * "global" |
|
| 35 | + */ |
|
| 36 | + public function __construct(string $global_field_name) |
|
| 37 | + { |
|
| 38 | + $this->_global_field_name = $global_field_name; |
|
| 39 | + } |
|
| 40 | 40 | |
| 41 | 41 | |
| 42 | - /** |
|
| 43 | - * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 44 | - * @throws EE_Error |
|
| 45 | - */ |
|
| 46 | - protected function _generate_restrictions(): array |
|
| 47 | - { |
|
| 48 | - // if there are no standard caps for this model, then for now |
|
| 49 | - // all we know is if they need the default cap to access this |
|
| 50 | - if (! $this->model()->cap_slug()) { |
|
| 51 | - return [ |
|
| 52 | - EE_Restriction_Generator_Base::get_default_restrictions_cap( |
|
| 53 | - ) => new EE_Return_None_Where_Conditions(), |
|
| 54 | - ]; |
|
| 55 | - } |
|
| 56 | - return [ |
|
| 57 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 58 | - $this->model(), |
|
| 59 | - $this->action() |
|
| 60 | - ) => new EE_Return_None_Where_Conditions(), |
|
| 61 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 62 | - $this->model(), |
|
| 63 | - $this->action() . '_others' |
|
| 64 | - ) => new EE_Default_Where_Conditions( |
|
| 65 | - [ |
|
| 66 | - // I need to be the owner, or it must be a global item |
|
| 67 | - 'OR*no_' . |
|
| 68 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 69 | - $this->model(), |
|
| 70 | - $this->action() . '_others' |
|
| 71 | - ) => [ |
|
| 72 | - EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 73 | - $this->_global_field_name => true, |
|
| 74 | - ], |
|
| 75 | - ] |
|
| 76 | - ), |
|
| 77 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 78 | - $this->model(), |
|
| 79 | - $this->action() . '_global' |
|
| 80 | - ) => new EE_Default_Where_Conditions( |
|
| 81 | - [ |
|
| 82 | - // it mustn't be global |
|
| 83 | - $this->_global_field_name => false, |
|
| 84 | - ] |
|
| 85 | - ), |
|
| 86 | - ]; |
|
| 87 | - } |
|
| 42 | + /** |
|
| 43 | + * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 44 | + * @throws EE_Error |
|
| 45 | + */ |
|
| 46 | + protected function _generate_restrictions(): array |
|
| 47 | + { |
|
| 48 | + // if there are no standard caps for this model, then for now |
|
| 49 | + // all we know is if they need the default cap to access this |
|
| 50 | + if (! $this->model()->cap_slug()) { |
|
| 51 | + return [ |
|
| 52 | + EE_Restriction_Generator_Base::get_default_restrictions_cap( |
|
| 53 | + ) => new EE_Return_None_Where_Conditions(), |
|
| 54 | + ]; |
|
| 55 | + } |
|
| 56 | + return [ |
|
| 57 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 58 | + $this->model(), |
|
| 59 | + $this->action() |
|
| 60 | + ) => new EE_Return_None_Where_Conditions(), |
|
| 61 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 62 | + $this->model(), |
|
| 63 | + $this->action() . '_others' |
|
| 64 | + ) => new EE_Default_Where_Conditions( |
|
| 65 | + [ |
|
| 66 | + // I need to be the owner, or it must be a global item |
|
| 67 | + 'OR*no_' . |
|
| 68 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 69 | + $this->model(), |
|
| 70 | + $this->action() . '_others' |
|
| 71 | + ) => [ |
|
| 72 | + EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 73 | + $this->_global_field_name => true, |
|
| 74 | + ], |
|
| 75 | + ] |
|
| 76 | + ), |
|
| 77 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 78 | + $this->model(), |
|
| 79 | + $this->action() . '_global' |
|
| 80 | + ) => new EE_Default_Where_Conditions( |
|
| 81 | + [ |
|
| 82 | + // it mustn't be global |
|
| 83 | + $this->_global_field_name => false, |
|
| 84 | + ] |
|
| 85 | + ), |
|
| 86 | + ]; |
|
| 87 | + } |
|
| 88 | 88 | } |
@@ -44,7 +44,7 @@ discard block |
||
| 44 | 44 | { |
| 45 | 45 | // if there are no standard caps for this model, then for now |
| 46 | 46 | // all we know if they need the default cap to access this |
| 47 | - if (! $this->model()->cap_slug()) { |
|
| 47 | + if ( ! $this->model()->cap_slug()) { |
|
| 48 | 48 | return [ |
| 49 | 49 | self::get_default_restrictions_cap() => new EE_Return_None_Where_Conditions(), |
| 50 | 50 | ]; |
@@ -67,15 +67,15 @@ discard block |
||
| 67 | 67 | // they can't access others' non-default items |
| 68 | 68 | self::get_cap_name( |
| 69 | 69 | $event_model, |
| 70 | - $this->action() . '_others' |
|
| 70 | + $this->action().'_others' |
|
| 71 | 71 | ) => new EE_Default_Where_Conditions( |
| 72 | 72 | [ |
| 73 | - 'OR*' . self::get_cap_name( |
|
| 73 | + 'OR*'.self::get_cap_name( |
|
| 74 | 74 | $event_model, |
| 75 | - $this->action() . '_others' |
|
| 75 | + $this->action().'_others' |
|
| 76 | 76 | ) => $this->addPublishedPostConditions( |
| 77 | 77 | [ |
| 78 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 78 | + $this->_path_to_event_model.'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 79 | 79 | ], |
| 80 | 80 | true, |
| 81 | 81 | $this->_path_to_event_model |
@@ -84,14 +84,14 @@ discard block |
||
| 84 | 84 | ), |
| 85 | 85 | // if they have basic and others, but not private, |
| 86 | 86 | // they can't access others' private non-default items |
| 87 | - self::get_cap_name($event_model, $this->action() . '_private') => new EE_Default_Where_Conditions( |
|
| 87 | + self::get_cap_name($event_model, $this->action().'_private') => new EE_Default_Where_Conditions( |
|
| 88 | 88 | [ |
| 89 | - 'OR*no_' . self::get_cap_name( |
|
| 89 | + 'OR*no_'.self::get_cap_name( |
|
| 90 | 90 | $event_model, |
| 91 | - $this->action() . '_private' |
|
| 91 | + $this->action().'_private' |
|
| 92 | 92 | ) => $this->addPublishedPostConditions( |
| 93 | 93 | [ |
| 94 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 94 | + $this->_path_to_event_model.'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 95 | 95 | ], |
| 96 | 96 | false, |
| 97 | 97 | $this->_path_to_event_model |
@@ -13,90 +13,90 @@ |
||
| 13 | 13 | */ |
| 14 | 14 | class EE_Restriction_Generator_Event_Related_Public extends EE_Restriction_Generator_Base |
| 15 | 15 | { |
| 16 | - /** |
|
| 17 | - * Path to the event model from the model this restriction generator will |
|
| 18 | - * be applied to; including the event model itself. Eg |
|
| 19 | - * "Ticket.Datetime.Event" |
|
| 20 | - * |
|
| 21 | - * @var string |
|
| 22 | - */ |
|
| 23 | - protected $_path_to_event_model; |
|
| 16 | + /** |
|
| 17 | + * Path to the event model from the model this restriction generator will |
|
| 18 | + * be applied to; including the event model itself. Eg |
|
| 19 | + * "Ticket.Datetime.Event" |
|
| 20 | + * |
|
| 21 | + * @var string |
|
| 22 | + */ |
|
| 23 | + protected $_path_to_event_model; |
|
| 24 | 24 | |
| 25 | 25 | |
| 26 | - /** |
|
| 27 | - * @param string $path_to_event_model |
|
| 28 | - */ |
|
| 29 | - public function __construct(string $path_to_event_model) |
|
| 30 | - { |
|
| 31 | - if (substr($path_to_event_model, -1, 1) != '.') { |
|
| 32 | - $path_to_event_model .= '.'; |
|
| 33 | - } |
|
| 34 | - $this->_path_to_event_model = $path_to_event_model; |
|
| 35 | - } |
|
| 26 | + /** |
|
| 27 | + * @param string $path_to_event_model |
|
| 28 | + */ |
|
| 29 | + public function __construct(string $path_to_event_model) |
|
| 30 | + { |
|
| 31 | + if (substr($path_to_event_model, -1, 1) != '.') { |
|
| 32 | + $path_to_event_model .= '.'; |
|
| 33 | + } |
|
| 34 | + $this->_path_to_event_model = $path_to_event_model; |
|
| 35 | + } |
|
| 36 | 36 | |
| 37 | 37 | |
| 38 | - /** |
|
| 39 | - * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 40 | - * @throws EE_Error |
|
| 41 | - */ |
|
| 42 | - protected function _generate_restrictions(): array |
|
| 43 | - { |
|
| 44 | - // if there are no standard caps for this model, then for now |
|
| 45 | - // all we know if they need the default cap to access this |
|
| 46 | - if (! $this->model()->cap_slug()) { |
|
| 47 | - return [ |
|
| 48 | - self::get_default_restrictions_cap() => new EE_Return_None_Where_Conditions(), |
|
| 49 | - ]; |
|
| 50 | - } |
|
| 38 | + /** |
|
| 39 | + * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 40 | + * @throws EE_Error |
|
| 41 | + */ |
|
| 42 | + protected function _generate_restrictions(): array |
|
| 43 | + { |
|
| 44 | + // if there are no standard caps for this model, then for now |
|
| 45 | + // all we know if they need the default cap to access this |
|
| 46 | + if (! $this->model()->cap_slug()) { |
|
| 47 | + return [ |
|
| 48 | + self::get_default_restrictions_cap() => new EE_Return_None_Where_Conditions(), |
|
| 49 | + ]; |
|
| 50 | + } |
|
| 51 | 51 | |
| 52 | - $event_model = EEM_Event::instance(); |
|
| 53 | - return [ |
|
| 54 | - // first: basically access to non-defaults is essentially |
|
| 55 | - // controlled by which events are accessible |
|
| 56 | - // if they don't have the basic event cap, |
|
| 57 | - // they can only read things for published events |
|
| 58 | - self::get_cap_name($event_model, $this->action()) => new EE_Default_Where_Conditions( |
|
| 59 | - $this->addPublishedPostConditions( |
|
| 60 | - [], |
|
| 61 | - true, |
|
| 62 | - $this->_path_to_event_model |
|
| 63 | - ) |
|
| 64 | - ), |
|
| 65 | - // if they don't have the others event cap, |
|
| 66 | - // they can't access others' non-default items |
|
| 67 | - self::get_cap_name( |
|
| 68 | - $event_model, |
|
| 69 | - $this->action() . '_others' |
|
| 70 | - ) => new EE_Default_Where_Conditions( |
|
| 71 | - [ |
|
| 72 | - 'OR*' . self::get_cap_name( |
|
| 73 | - $event_model, |
|
| 74 | - $this->action() . '_others' |
|
| 75 | - ) => $this->addPublishedPostConditions( |
|
| 76 | - [ |
|
| 77 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 78 | - ], |
|
| 79 | - true, |
|
| 80 | - $this->_path_to_event_model |
|
| 81 | - ), |
|
| 82 | - ] |
|
| 83 | - ), |
|
| 84 | - // if they have basic and others, but not private, |
|
| 85 | - // they can't access others' private non-default items |
|
| 86 | - self::get_cap_name($event_model, $this->action() . '_private') => new EE_Default_Where_Conditions( |
|
| 87 | - [ |
|
| 88 | - 'OR*no_' . self::get_cap_name( |
|
| 89 | - $event_model, |
|
| 90 | - $this->action() . '_private' |
|
| 91 | - ) => $this->addPublishedPostConditions( |
|
| 92 | - [ |
|
| 93 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 94 | - ], |
|
| 95 | - false, |
|
| 96 | - $this->_path_to_event_model |
|
| 97 | - ), |
|
| 98 | - ] |
|
| 99 | - ), |
|
| 100 | - ]; |
|
| 101 | - } |
|
| 52 | + $event_model = EEM_Event::instance(); |
|
| 53 | + return [ |
|
| 54 | + // first: basically access to non-defaults is essentially |
|
| 55 | + // controlled by which events are accessible |
|
| 56 | + // if they don't have the basic event cap, |
|
| 57 | + // they can only read things for published events |
|
| 58 | + self::get_cap_name($event_model, $this->action()) => new EE_Default_Where_Conditions( |
|
| 59 | + $this->addPublishedPostConditions( |
|
| 60 | + [], |
|
| 61 | + true, |
|
| 62 | + $this->_path_to_event_model |
|
| 63 | + ) |
|
| 64 | + ), |
|
| 65 | + // if they don't have the others event cap, |
|
| 66 | + // they can't access others' non-default items |
|
| 67 | + self::get_cap_name( |
|
| 68 | + $event_model, |
|
| 69 | + $this->action() . '_others' |
|
| 70 | + ) => new EE_Default_Where_Conditions( |
|
| 71 | + [ |
|
| 72 | + 'OR*' . self::get_cap_name( |
|
| 73 | + $event_model, |
|
| 74 | + $this->action() . '_others' |
|
| 75 | + ) => $this->addPublishedPostConditions( |
|
| 76 | + [ |
|
| 77 | + $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 78 | + ], |
|
| 79 | + true, |
|
| 80 | + $this->_path_to_event_model |
|
| 81 | + ), |
|
| 82 | + ] |
|
| 83 | + ), |
|
| 84 | + // if they have basic and others, but not private, |
|
| 85 | + // they can't access others' private non-default items |
|
| 86 | + self::get_cap_name($event_model, $this->action() . '_private') => new EE_Default_Where_Conditions( |
|
| 87 | + [ |
|
| 88 | + 'OR*no_' . self::get_cap_name( |
|
| 89 | + $event_model, |
|
| 90 | + $this->action() . '_private' |
|
| 91 | + ) => $this->addPublishedPostConditions( |
|
| 92 | + [ |
|
| 93 | + $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 94 | + ], |
|
| 95 | + false, |
|
| 96 | + $this->_path_to_event_model |
|
| 97 | + ), |
|
| 98 | + ] |
|
| 99 | + ), |
|
| 100 | + ]; |
|
| 101 | + } |
|
| 102 | 102 | } |
@@ -63,7 +63,7 @@ discard block |
||
| 63 | 63 | { |
| 64 | 64 | // if there are no standard caps for this model, then for now all we know |
| 65 | 65 | // if they need the default cap to access this |
| 66 | - if (! $this->model()->cap_slug()) { |
|
| 66 | + if ( ! $this->model()->cap_slug()) { |
|
| 67 | 67 | return [ |
| 68 | 68 | self::get_default_restrictions_cap( |
| 69 | 69 | ) => new EE_Return_None_Where_Conditions(), |
@@ -82,7 +82,7 @@ discard block |
||
| 82 | 82 | $this->action() |
| 83 | 83 | ) => new EE_Default_Where_Conditions( |
| 84 | 84 | [ |
| 85 | - 'OR*no_' . |
|
| 85 | + 'OR*no_'. |
|
| 86 | 86 | EE_Restriction_Generator_Base::get_cap_name( |
| 87 | 87 | $event_model, |
| 88 | 88 | $this->action() |
@@ -100,16 +100,16 @@ discard block |
||
| 100 | 100 | // others' that are for published events, or defaults |
| 101 | 101 | EE_Restriction_Generator_Base::get_cap_name( |
| 102 | 102 | $event_model, |
| 103 | - $this->action() . '_others' |
|
| 103 | + $this->action().'_others' |
|
| 104 | 104 | ) => new EE_Default_Where_Conditions( |
| 105 | 105 | [ |
| 106 | - 'OR*no_' . |
|
| 106 | + 'OR*no_'. |
|
| 107 | 107 | EE_Restriction_Generator_Base::get_cap_name( |
| 108 | 108 | $event_model, |
| 109 | - $this->action() . '_others' |
|
| 109 | + $this->action().'_others' |
|
| 110 | 110 | ) => $this->addPublishedPostConditions( |
| 111 | 111 | [ |
| 112 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 112 | + $this->_path_to_event_model.'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 113 | 113 | $this->_default_field_name => true, |
| 114 | 114 | ], |
| 115 | 115 | true, |
@@ -122,16 +122,16 @@ discard block |
||
| 122 | 122 | // and others' that aren't private |
| 123 | 123 | EE_Restriction_Generator_Base::get_cap_name( |
| 124 | 124 | $event_model, |
| 125 | - $this->action() . '_private' |
|
| 125 | + $this->action().'_private' |
|
| 126 | 126 | ) => new EE_Default_Where_Conditions( |
| 127 | 127 | [ |
| 128 | - 'OR*no_' . |
|
| 128 | + 'OR*no_'. |
|
| 129 | 129 | EE_Restriction_Generator_Base::get_cap_name( |
| 130 | 130 | $event_model, |
| 131 | - $this->action() . '_private' |
|
| 131 | + $this->action().'_private' |
|
| 132 | 132 | ) => $this->addPublishedPostConditions( |
| 133 | 133 | [ |
| 134 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 134 | + $this->_path_to_event_model.'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 135 | 135 | $this->_default_field_name => true, |
| 136 | 136 | ], |
| 137 | 137 | false, |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | // restrict access to only non-default items |
| 146 | 146 | EE_Restriction_Generator_Base::get_cap_name( |
| 147 | 147 | $this->model(), |
| 148 | - $this->action() . '_default' |
|
| 148 | + $this->action().'_default' |
|
| 149 | 149 | ) => new EE_Default_Where_Conditions( |
| 150 | 150 | [$this->_default_field_name => false] |
| 151 | 151 | ), |
@@ -153,24 +153,24 @@ discard block |
||
| 153 | 153 | if ( |
| 154 | 154 | EE_Restriction_Generator_Base::is_cap( |
| 155 | 155 | $this->model(), |
| 156 | - $this->action() . '_others_default' |
|
| 156 | + $this->action().'_others_default' |
|
| 157 | 157 | ) |
| 158 | 158 | ) { |
| 159 | 159 | // if they don't have the "others" default capability, |
| 160 | 160 | // restrict access to only their default ones, and non-default ones |
| 161 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 161 | + $restrictions[EE_Restriction_Generator_Base::get_cap_name( |
|
| 162 | 162 | $this->model(), |
| 163 | - $this->action() . '_others_default' |
|
| 164 | - ) ] = new EE_Default_Where_Conditions( |
|
| 163 | + $this->action().'_others_default' |
|
| 164 | + )] = new EE_Default_Where_Conditions( |
|
| 165 | 165 | [ |
| 166 | 166 | // if they don't have the others default cap, |
| 167 | 167 | // they can't access others default items |
| 168 | 168 | // (but they can access their own default items, |
| 169 | 169 | // and non-default items) |
| 170 | - 'OR*no_' . |
|
| 170 | + 'OR*no_'. |
|
| 171 | 171 | EE_Restriction_Generator_Base::get_cap_name( |
| 172 | 172 | $this->model(), |
| 173 | - $this->action() . '_others_default' |
|
| 173 | + $this->action().'_others_default' |
|
| 174 | 174 | ) => [ |
| 175 | 175 | 'AND' => [ |
| 176 | 176 | EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
@@ -14,172 +14,172 @@ |
||
| 14 | 14 | */ |
| 15 | 15 | class EE_Restriction_Generator_Default_Public extends EE_Restriction_Generator_Base |
| 16 | 16 | { |
| 17 | - /** |
|
| 18 | - * Name of the field on this model (or a related model, including the model |
|
| 19 | - * chain to it) that is a boolean indicating whether or not a model object |
|
| 20 | - * is considered "Default" or not |
|
| 21 | - * |
|
| 22 | - * @var string |
|
| 23 | - */ |
|
| 24 | - protected $_default_field_name; |
|
| 17 | + /** |
|
| 18 | + * Name of the field on this model (or a related model, including the model |
|
| 19 | + * chain to it) that is a boolean indicating whether or not a model object |
|
| 20 | + * is considered "Default" or not |
|
| 21 | + * |
|
| 22 | + * @var string |
|
| 23 | + */ |
|
| 24 | + protected $_default_field_name; |
|
| 25 | 25 | |
| 26 | - /** |
|
| 27 | - * The model chain to follow to get to the event model, including the event |
|
| 28 | - * model itself. Eg 'Ticket.Datetime.Event' |
|
| 29 | - * |
|
| 30 | - * @var string |
|
| 31 | - */ |
|
| 32 | - protected $_path_to_event_model; |
|
| 26 | + /** |
|
| 27 | + * The model chain to follow to get to the event model, including the event |
|
| 28 | + * model itself. Eg 'Ticket.Datetime.Event' |
|
| 29 | + * |
|
| 30 | + * @var string |
|
| 31 | + */ |
|
| 32 | + protected $_path_to_event_model; |
|
| 33 | 33 | |
| 34 | 34 | |
| 35 | - /** |
|
| 36 | - * @param string $default_field_name the name of the field Name of the |
|
| 37 | - * field on this model (or a related |
|
| 38 | - * model, including the model chain to |
|
| 39 | - * it) that is a boolean indicating |
|
| 40 | - * whether or not a model object is |
|
| 41 | - * considered "Default" or not |
|
| 42 | - * @param string $path_to_event_model The model chain to follow to get to |
|
| 43 | - * the event model, including the event |
|
| 44 | - * model itself. Eg |
|
| 45 | - * 'Ticket.Datetime.Event' |
|
| 46 | - */ |
|
| 47 | - public function __construct(string $default_field_name, string $path_to_event_model) |
|
| 48 | - { |
|
| 49 | - $this->_default_field_name = $default_field_name; |
|
| 50 | - if (substr($path_to_event_model, -1, 1) != '.') { |
|
| 51 | - $path_to_event_model .= '.'; |
|
| 52 | - } |
|
| 53 | - $this->_path_to_event_model = $path_to_event_model; |
|
| 54 | - } |
|
| 35 | + /** |
|
| 36 | + * @param string $default_field_name the name of the field Name of the |
|
| 37 | + * field on this model (or a related |
|
| 38 | + * model, including the model chain to |
|
| 39 | + * it) that is a boolean indicating |
|
| 40 | + * whether or not a model object is |
|
| 41 | + * considered "Default" or not |
|
| 42 | + * @param string $path_to_event_model The model chain to follow to get to |
|
| 43 | + * the event model, including the event |
|
| 44 | + * model itself. Eg |
|
| 45 | + * 'Ticket.Datetime.Event' |
|
| 46 | + */ |
|
| 47 | + public function __construct(string $default_field_name, string $path_to_event_model) |
|
| 48 | + { |
|
| 49 | + $this->_default_field_name = $default_field_name; |
|
| 50 | + if (substr($path_to_event_model, -1, 1) != '.') { |
|
| 51 | + $path_to_event_model .= '.'; |
|
| 52 | + } |
|
| 53 | + $this->_path_to_event_model = $path_to_event_model; |
|
| 54 | + } |
|
| 55 | 55 | |
| 56 | 56 | |
| 57 | - /** |
|
| 58 | - * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 59 | - * @throws EE_Error |
|
| 60 | - */ |
|
| 61 | - protected function _generate_restrictions(): array |
|
| 62 | - { |
|
| 63 | - // if there are no standard caps for this model, then for now all we know |
|
| 64 | - // if they need the default cap to access this |
|
| 65 | - if (! $this->model()->cap_slug()) { |
|
| 66 | - return [ |
|
| 67 | - self::get_default_restrictions_cap( |
|
| 68 | - ) => new EE_Return_None_Where_Conditions(), |
|
| 69 | - ]; |
|
| 70 | - } |
|
| 57 | + /** |
|
| 58 | + * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 59 | + * @throws EE_Error |
|
| 60 | + */ |
|
| 61 | + protected function _generate_restrictions(): array |
|
| 62 | + { |
|
| 63 | + // if there are no standard caps for this model, then for now all we know |
|
| 64 | + // if they need the default cap to access this |
|
| 65 | + if (! $this->model()->cap_slug()) { |
|
| 66 | + return [ |
|
| 67 | + self::get_default_restrictions_cap( |
|
| 68 | + ) => new EE_Return_None_Where_Conditions(), |
|
| 69 | + ]; |
|
| 70 | + } |
|
| 71 | 71 | |
| 72 | - $event_model = EEM_Event::instance(); |
|
| 72 | + $event_model = EEM_Event::instance(); |
|
| 73 | 73 | |
| 74 | - $restrictions = [ |
|
| 75 | - // first: basically access to non-defaults is essentially |
|
| 76 | - // controlled by which events are accessible |
|
| 77 | - // if they don't have the basic event cap, |
|
| 78 | - // they can't access ANY non-default items |
|
| 79 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 80 | - $event_model, |
|
| 81 | - $this->action() |
|
| 82 | - ) => new EE_Default_Where_Conditions( |
|
| 83 | - [ |
|
| 84 | - 'OR*no_' . |
|
| 85 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 86 | - $event_model, |
|
| 87 | - $this->action() |
|
| 88 | - ) => $this->addPublishedPostConditions( |
|
| 89 | - [ |
|
| 90 | - $this->_default_field_name => true, |
|
| 91 | - ], |
|
| 92 | - true, |
|
| 93 | - $this->_path_to_event_model |
|
| 94 | - ), |
|
| 95 | - ] |
|
| 96 | - ), |
|
| 97 | - // if they don't have the others event cap, |
|
| 98 | - // they can only access their own, |
|
| 99 | - // others' that are for published events, or defaults |
|
| 100 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 101 | - $event_model, |
|
| 102 | - $this->action() . '_others' |
|
| 103 | - ) => new EE_Default_Where_Conditions( |
|
| 104 | - [ |
|
| 105 | - 'OR*no_' . |
|
| 106 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 107 | - $event_model, |
|
| 108 | - $this->action() . '_others' |
|
| 109 | - ) => $this->addPublishedPostConditions( |
|
| 110 | - [ |
|
| 111 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 112 | - $this->_default_field_name => true, |
|
| 113 | - ], |
|
| 114 | - true, |
|
| 115 | - $this->_path_to_event_model |
|
| 116 | - ), |
|
| 117 | - ] |
|
| 118 | - ), |
|
| 119 | - // if they have basic and others, but not private, |
|
| 120 | - // they can access default, their own, |
|
| 121 | - // and others' that aren't private |
|
| 122 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 123 | - $event_model, |
|
| 124 | - $this->action() . '_private' |
|
| 125 | - ) => new EE_Default_Where_Conditions( |
|
| 126 | - [ |
|
| 127 | - 'OR*no_' . |
|
| 128 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 129 | - $event_model, |
|
| 130 | - $this->action() . '_private' |
|
| 131 | - ) => $this->addPublishedPostConditions( |
|
| 132 | - [ |
|
| 133 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 134 | - $this->_default_field_name => true, |
|
| 135 | - ], |
|
| 136 | - false, |
|
| 137 | - $this->_path_to_event_model |
|
| 138 | - ), |
|
| 139 | - ] |
|
| 140 | - ), |
|
| 141 | - // second: access to defaults is controlled |
|
| 142 | - // by the default capabilities |
|
| 143 | - // if they don't have the basic default capability, |
|
| 144 | - // restrict access to only non-default items |
|
| 145 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 146 | - $this->model(), |
|
| 147 | - $this->action() . '_default' |
|
| 148 | - ) => new EE_Default_Where_Conditions( |
|
| 149 | - [$this->_default_field_name => false] |
|
| 150 | - ), |
|
| 151 | - ]; |
|
| 152 | - if ( |
|
| 153 | - EE_Restriction_Generator_Base::is_cap( |
|
| 154 | - $this->model(), |
|
| 155 | - $this->action() . '_others_default' |
|
| 156 | - ) |
|
| 157 | - ) { |
|
| 158 | - // if they don't have the "others" default capability, |
|
| 159 | - // restrict access to only their default ones, and non-default ones |
|
| 160 | - $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 161 | - $this->model(), |
|
| 162 | - $this->action() . '_others_default' |
|
| 163 | - ) ] = new EE_Default_Where_Conditions( |
|
| 164 | - [ |
|
| 165 | - // if they don't have the others default cap, |
|
| 166 | - // they can't access others default items |
|
| 167 | - // (but they can access their own default items, |
|
| 168 | - // and non-default items) |
|
| 169 | - 'OR*no_' . |
|
| 170 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 171 | - $this->model(), |
|
| 172 | - $this->action() . '_others_default' |
|
| 173 | - ) => [ |
|
| 174 | - 'AND' => [ |
|
| 175 | - EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 176 | - $this->_default_field_name => true |
|
| 177 | - ], |
|
| 178 | - $this->_default_field_name => false |
|
| 179 | - ] |
|
| 180 | - ] |
|
| 181 | - ); |
|
| 182 | - } |
|
| 183 | - return $restrictions; |
|
| 184 | - } |
|
| 74 | + $restrictions = [ |
|
| 75 | + // first: basically access to non-defaults is essentially |
|
| 76 | + // controlled by which events are accessible |
|
| 77 | + // if they don't have the basic event cap, |
|
| 78 | + // they can't access ANY non-default items |
|
| 79 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 80 | + $event_model, |
|
| 81 | + $this->action() |
|
| 82 | + ) => new EE_Default_Where_Conditions( |
|
| 83 | + [ |
|
| 84 | + 'OR*no_' . |
|
| 85 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 86 | + $event_model, |
|
| 87 | + $this->action() |
|
| 88 | + ) => $this->addPublishedPostConditions( |
|
| 89 | + [ |
|
| 90 | + $this->_default_field_name => true, |
|
| 91 | + ], |
|
| 92 | + true, |
|
| 93 | + $this->_path_to_event_model |
|
| 94 | + ), |
|
| 95 | + ] |
|
| 96 | + ), |
|
| 97 | + // if they don't have the others event cap, |
|
| 98 | + // they can only access their own, |
|
| 99 | + // others' that are for published events, or defaults |
|
| 100 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 101 | + $event_model, |
|
| 102 | + $this->action() . '_others' |
|
| 103 | + ) => new EE_Default_Where_Conditions( |
|
| 104 | + [ |
|
| 105 | + 'OR*no_' . |
|
| 106 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 107 | + $event_model, |
|
| 108 | + $this->action() . '_others' |
|
| 109 | + ) => $this->addPublishedPostConditions( |
|
| 110 | + [ |
|
| 111 | + $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 112 | + $this->_default_field_name => true, |
|
| 113 | + ], |
|
| 114 | + true, |
|
| 115 | + $this->_path_to_event_model |
|
| 116 | + ), |
|
| 117 | + ] |
|
| 118 | + ), |
|
| 119 | + // if they have basic and others, but not private, |
|
| 120 | + // they can access default, their own, |
|
| 121 | + // and others' that aren't private |
|
| 122 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 123 | + $event_model, |
|
| 124 | + $this->action() . '_private' |
|
| 125 | + ) => new EE_Default_Where_Conditions( |
|
| 126 | + [ |
|
| 127 | + 'OR*no_' . |
|
| 128 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 129 | + $event_model, |
|
| 130 | + $this->action() . '_private' |
|
| 131 | + ) => $this->addPublishedPostConditions( |
|
| 132 | + [ |
|
| 133 | + $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 134 | + $this->_default_field_name => true, |
|
| 135 | + ], |
|
| 136 | + false, |
|
| 137 | + $this->_path_to_event_model |
|
| 138 | + ), |
|
| 139 | + ] |
|
| 140 | + ), |
|
| 141 | + // second: access to defaults is controlled |
|
| 142 | + // by the default capabilities |
|
| 143 | + // if they don't have the basic default capability, |
|
| 144 | + // restrict access to only non-default items |
|
| 145 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 146 | + $this->model(), |
|
| 147 | + $this->action() . '_default' |
|
| 148 | + ) => new EE_Default_Where_Conditions( |
|
| 149 | + [$this->_default_field_name => false] |
|
| 150 | + ), |
|
| 151 | + ]; |
|
| 152 | + if ( |
|
| 153 | + EE_Restriction_Generator_Base::is_cap( |
|
| 154 | + $this->model(), |
|
| 155 | + $this->action() . '_others_default' |
|
| 156 | + ) |
|
| 157 | + ) { |
|
| 158 | + // if they don't have the "others" default capability, |
|
| 159 | + // restrict access to only their default ones, and non-default ones |
|
| 160 | + $restrictions[ EE_Restriction_Generator_Base::get_cap_name( |
|
| 161 | + $this->model(), |
|
| 162 | + $this->action() . '_others_default' |
|
| 163 | + ) ] = new EE_Default_Where_Conditions( |
|
| 164 | + [ |
|
| 165 | + // if they don't have the others default cap, |
|
| 166 | + // they can't access others default items |
|
| 167 | + // (but they can access their own default items, |
|
| 168 | + // and non-default items) |
|
| 169 | + 'OR*no_' . |
|
| 170 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 171 | + $this->model(), |
|
| 172 | + $this->action() . '_others_default' |
|
| 173 | + ) => [ |
|
| 174 | + 'AND' => [ |
|
| 175 | + EE_QUERY_PLACEHOLDER_USER_FIELD_NAME => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 176 | + $this->_default_field_name => true |
|
| 177 | + ], |
|
| 178 | + $this->_default_field_name => false |
|
| 179 | + ] |
|
| 180 | + ] |
|
| 181 | + ); |
|
| 182 | + } |
|
| 183 | + return $restrictions; |
|
| 184 | + } |
|
| 185 | 185 | } |
@@ -89,7 +89,7 @@ discard block |
||
| 89 | 89 | { |
| 90 | 90 | // if there are no standard caps for this model, then for now |
| 91 | 91 | // all we know if they need the default cap to access this |
| 92 | - if (! $this->model()->cap_slug()) { |
|
| 92 | + if ( ! $this->model()->cap_slug()) { |
|
| 93 | 93 | return [ |
| 94 | 94 | self::get_default_restrictions_cap( |
| 95 | 95 | ) => new EE_Return_None_Where_Conditions(), |
@@ -110,26 +110,26 @@ discard block |
||
| 110 | 110 | // they can't access others' non-default items |
| 111 | 111 | EE_Restriction_Generator_Base::get_cap_name( |
| 112 | 112 | $event_model, |
| 113 | - $this->action_for_event() . '_others' |
|
| 113 | + $this->action_for_event().'_others' |
|
| 114 | 114 | ) => new EE_Default_Where_Conditions( |
| 115 | 115 | [ |
| 116 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 116 | + $this->_path_to_event_model.'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 117 | 117 | ] |
| 118 | 118 | ), |
| 119 | 119 | // if they have basic and others, but not private, |
| 120 | 120 | // they can't access others' private non-default items |
| 121 | 121 | EE_Restriction_Generator_Base::get_cap_name( |
| 122 | 122 | $event_model, |
| 123 | - $this->action_for_event() . '_private' |
|
| 123 | + $this->action_for_event().'_private' |
|
| 124 | 124 | ) => new EE_Default_Where_Conditions( |
| 125 | 125 | [ |
| 126 | - 'OR*no_' . |
|
| 126 | + 'OR*no_'. |
|
| 127 | 127 | EE_Restriction_Generator_Base::get_cap_name( |
| 128 | 128 | $event_model, |
| 129 | - $this->action_for_event() . '_private' |
|
| 129 | + $this->action_for_event().'_private' |
|
| 130 | 130 | ) => $this->addPublishedPostConditions( |
| 131 | 131 | [ |
| 132 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 132 | + $this->_path_to_event_model.'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 133 | 133 | ], |
| 134 | 134 | false, |
| 135 | 135 | $this->_path_to_event_model |
@@ -13,128 +13,128 @@ |
||
| 13 | 13 | */ |
| 14 | 14 | class EE_Restriction_Generator_Event_Related_Protected extends EE_Restriction_Generator_Base |
| 15 | 15 | { |
| 16 | - /** |
|
| 17 | - * Path to the event model from the model this restriction generator will |
|
| 18 | - * be applied to; including the event model itself. Eg |
|
| 19 | - * "Ticket.Datetime.Event" |
|
| 20 | - * |
|
| 21 | - * @var string |
|
| 22 | - */ |
|
| 23 | - protected $_path_to_event_model = null; |
|
| 16 | + /** |
|
| 17 | + * Path to the event model from the model this restriction generator will |
|
| 18 | + * be applied to; including the event model itself. Eg |
|
| 19 | + * "Ticket.Datetime.Event" |
|
| 20 | + * |
|
| 21 | + * @var string |
|
| 22 | + */ |
|
| 23 | + protected $_path_to_event_model = null; |
|
| 24 | 24 | |
| 25 | - /** |
|
| 26 | - * Capability context on event model when creating restrictions. |
|
| 27 | - * Eg, although we may want capability restrictions relating to deleting |
|
| 28 | - * datetimes, they don't need to be able to DELETE EVENTS, they just need |
|
| 29 | - * to be able to EDIT EVENTS in order to DELETE DATETIMES. |
|
| 30 | - * |
|
| 31 | - * @var string one of EEM_Base::valid_cap_contexts() |
|
| 32 | - */ |
|
| 33 | - protected $_cap_context_on_event_model = null; |
|
| 25 | + /** |
|
| 26 | + * Capability context on event model when creating restrictions. |
|
| 27 | + * Eg, although we may want capability restrictions relating to deleting |
|
| 28 | + * datetimes, they don't need to be able to DELETE EVENTS, they just need |
|
| 29 | + * to be able to EDIT EVENTS in order to DELETE DATETIMES. |
|
| 30 | + * |
|
| 31 | + * @var string one of EEM_Base::valid_cap_contexts() |
|
| 32 | + */ |
|
| 33 | + protected $_cap_context_on_event_model = null; |
|
| 34 | 34 | |
| 35 | 35 | |
| 36 | - /** |
|
| 37 | - * @param string $path_to_event_model |
|
| 38 | - * @param string $cap_context_on_event_model capability context on event |
|
| 39 | - * model when creating |
|
| 40 | - * restrictions. Eg, although we |
|
| 41 | - * may want capability |
|
| 42 | - * restrictions relating to |
|
| 43 | - * deleting datetimes, they don't |
|
| 44 | - * need to be able to DELETE |
|
| 45 | - * EVENTS, they just need to be |
|
| 46 | - * able to EDIT EVENTS in order |
|
| 47 | - * to DELETE DATETIMES. If none |
|
| 48 | - * if provided, assumed to be the |
|
| 49 | - * same as on the primary model. |
|
| 50 | - */ |
|
| 51 | - public function __construct( |
|
| 52 | - string $path_to_event_model, |
|
| 53 | - string $cap_context_on_event_model = '' |
|
| 54 | - ) { |
|
| 55 | - if (substr($path_to_event_model, -1, 1) != '.') { |
|
| 56 | - $path_to_event_model .= '.'; |
|
| 57 | - } |
|
| 58 | - $this->_path_to_event_model = $path_to_event_model; |
|
| 59 | - $this->_cap_context_on_event_model = $cap_context_on_event_model; |
|
| 60 | - } |
|
| 36 | + /** |
|
| 37 | + * @param string $path_to_event_model |
|
| 38 | + * @param string $cap_context_on_event_model capability context on event |
|
| 39 | + * model when creating |
|
| 40 | + * restrictions. Eg, although we |
|
| 41 | + * may want capability |
|
| 42 | + * restrictions relating to |
|
| 43 | + * deleting datetimes, they don't |
|
| 44 | + * need to be able to DELETE |
|
| 45 | + * EVENTS, they just need to be |
|
| 46 | + * able to EDIT EVENTS in order |
|
| 47 | + * to DELETE DATETIMES. If none |
|
| 48 | + * if provided, assumed to be the |
|
| 49 | + * same as on the primary model. |
|
| 50 | + */ |
|
| 51 | + public function __construct( |
|
| 52 | + string $path_to_event_model, |
|
| 53 | + string $cap_context_on_event_model = '' |
|
| 54 | + ) { |
|
| 55 | + if (substr($path_to_event_model, -1, 1) != '.') { |
|
| 56 | + $path_to_event_model .= '.'; |
|
| 57 | + } |
|
| 58 | + $this->_path_to_event_model = $path_to_event_model; |
|
| 59 | + $this->_cap_context_on_event_model = $cap_context_on_event_model; |
|
| 60 | + } |
|
| 61 | 61 | |
| 62 | 62 | |
| 63 | - /** |
|
| 64 | - * Returns `$this->_cap_context_on_event_model`, the relevant action |
|
| 65 | - * ("read", |
|
| 66 | - * "read_admin", "edit" or "delete") for the EVENT related to this model. |
|
| 67 | - * |
|
| 68 | - * @return string one of EEM_Base::valid_cap_contexts() |
|
| 69 | - * @throws EE_Error |
|
| 70 | - * @see EE_Restriction_Generator_Event_Related_Protected::__construct() |
|
| 71 | - */ |
|
| 72 | - protected function action_for_event(): ?string |
|
| 73 | - { |
|
| 74 | - if ($this->_cap_context_on_event_model) { |
|
| 75 | - return $this->_cap_context_on_event_model; |
|
| 76 | - } else { |
|
| 77 | - return $this->action(); |
|
| 78 | - } |
|
| 79 | - } |
|
| 63 | + /** |
|
| 64 | + * Returns `$this->_cap_context_on_event_model`, the relevant action |
|
| 65 | + * ("read", |
|
| 66 | + * "read_admin", "edit" or "delete") for the EVENT related to this model. |
|
| 67 | + * |
|
| 68 | + * @return string one of EEM_Base::valid_cap_contexts() |
|
| 69 | + * @throws EE_Error |
|
| 70 | + * @see EE_Restriction_Generator_Event_Related_Protected::__construct() |
|
| 71 | + */ |
|
| 72 | + protected function action_for_event(): ?string |
|
| 73 | + { |
|
| 74 | + if ($this->_cap_context_on_event_model) { |
|
| 75 | + return $this->_cap_context_on_event_model; |
|
| 76 | + } else { |
|
| 77 | + return $this->action(); |
|
| 78 | + } |
|
| 79 | + } |
|
| 80 | 80 | |
| 81 | 81 | |
| 82 | - /** |
|
| 83 | - * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 84 | - * @throws EE_Error |
|
| 85 | - * @throws EE_Error |
|
| 86 | - */ |
|
| 87 | - protected function _generate_restrictions(): array |
|
| 88 | - { |
|
| 89 | - // if there are no standard caps for this model, then for now |
|
| 90 | - // all we know if they need the default cap to access this |
|
| 91 | - if (! $this->model()->cap_slug()) { |
|
| 92 | - return [ |
|
| 93 | - self::get_default_restrictions_cap( |
|
| 94 | - ) => new EE_Return_None_Where_Conditions(), |
|
| 95 | - ]; |
|
| 96 | - } |
|
| 82 | + /** |
|
| 83 | + * @return EE_Default_Where_Conditions[]|EE_Return_None_Where_Conditions[] |
|
| 84 | + * @throws EE_Error |
|
| 85 | + * @throws EE_Error |
|
| 86 | + */ |
|
| 87 | + protected function _generate_restrictions(): array |
|
| 88 | + { |
|
| 89 | + // if there are no standard caps for this model, then for now |
|
| 90 | + // all we know if they need the default cap to access this |
|
| 91 | + if (! $this->model()->cap_slug()) { |
|
| 92 | + return [ |
|
| 93 | + self::get_default_restrictions_cap( |
|
| 94 | + ) => new EE_Return_None_Where_Conditions(), |
|
| 95 | + ]; |
|
| 96 | + } |
|
| 97 | 97 | |
| 98 | - $event_model = EEM_Event::instance(); |
|
| 99 | - return [ |
|
| 100 | - // first: basically access to non-defaults is essentially |
|
| 101 | - // controlled by which events are accessible |
|
| 102 | - // if they don't have the basic event cap, |
|
| 103 | - // they can't access ANY non-default items |
|
| 104 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 105 | - $event_model, |
|
| 106 | - $this->action_for_event() |
|
| 107 | - ) => new EE_Return_None_Where_Conditions(), |
|
| 108 | - // if they don't have the others event cap, |
|
| 109 | - // they can't access others' non-default items |
|
| 110 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 111 | - $event_model, |
|
| 112 | - $this->action_for_event() . '_others' |
|
| 113 | - ) => new EE_Default_Where_Conditions( |
|
| 114 | - [ |
|
| 115 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 116 | - ] |
|
| 117 | - ), |
|
| 118 | - // if they have basic and others, but not private, |
|
| 119 | - // they can't access others' private non-default items |
|
| 120 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 121 | - $event_model, |
|
| 122 | - $this->action_for_event() . '_private' |
|
| 123 | - ) => new EE_Default_Where_Conditions( |
|
| 124 | - [ |
|
| 125 | - 'OR*no_' . |
|
| 126 | - EE_Restriction_Generator_Base::get_cap_name( |
|
| 127 | - $event_model, |
|
| 128 | - $this->action_for_event() . '_private' |
|
| 129 | - ) => $this->addPublishedPostConditions( |
|
| 130 | - [ |
|
| 131 | - $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 132 | - ], |
|
| 133 | - false, |
|
| 134 | - $this->_path_to_event_model |
|
| 135 | - ) |
|
| 136 | - ] |
|
| 137 | - ), |
|
| 138 | - ]; |
|
| 139 | - } |
|
| 98 | + $event_model = EEM_Event::instance(); |
|
| 99 | + return [ |
|
| 100 | + // first: basically access to non-defaults is essentially |
|
| 101 | + // controlled by which events are accessible |
|
| 102 | + // if they don't have the basic event cap, |
|
| 103 | + // they can't access ANY non-default items |
|
| 104 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 105 | + $event_model, |
|
| 106 | + $this->action_for_event() |
|
| 107 | + ) => new EE_Return_None_Where_Conditions(), |
|
| 108 | + // if they don't have the others event cap, |
|
| 109 | + // they can't access others' non-default items |
|
| 110 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 111 | + $event_model, |
|
| 112 | + $this->action_for_event() . '_others' |
|
| 113 | + ) => new EE_Default_Where_Conditions( |
|
| 114 | + [ |
|
| 115 | + $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 116 | + ] |
|
| 117 | + ), |
|
| 118 | + // if they have basic and others, but not private, |
|
| 119 | + // they can't access others' private non-default items |
|
| 120 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 121 | + $event_model, |
|
| 122 | + $this->action_for_event() . '_private' |
|
| 123 | + ) => new EE_Default_Where_Conditions( |
|
| 124 | + [ |
|
| 125 | + 'OR*no_' . |
|
| 126 | + EE_Restriction_Generator_Base::get_cap_name( |
|
| 127 | + $event_model, |
|
| 128 | + $this->action_for_event() . '_private' |
|
| 129 | + ) => $this->addPublishedPostConditions( |
|
| 130 | + [ |
|
| 131 | + $this->_path_to_event_model . 'EVT_wp_user' => EE_QUERY_PLACEHOLDER_CURRENT_USER, |
|
| 132 | + ], |
|
| 133 | + false, |
|
| 134 | + $this->_path_to_event_model |
|
| 135 | + ) |
|
| 136 | + ] |
|
| 137 | + ), |
|
| 138 | + ]; |
|
| 139 | + } |
|
| 140 | 140 | } |
@@ -22,7 +22,7 @@ |
||
| 22 | 22 | */ |
| 23 | 23 | public function __construct() |
| 24 | 24 | { |
| 25 | - $this->setName($this->namespace . 'TicketVisibilityEnum'); |
|
| 25 | + $this->setName($this->namespace.'TicketVisibilityEnum'); |
|
| 26 | 26 | $this->setDescription(esc_html__('Where the ticket can be viewed throughout the UI', 'event_espresso')); |
| 27 | 27 | parent::__construct(); |
| 28 | 28 | } |
@@ -17,24 +17,24 @@ |
||
| 17 | 17 | */ |
| 18 | 18 | class TicketVisibilityEnum extends EnumBase |
| 19 | 19 | { |
| 20 | - /** |
|
| 21 | - * TicketVisibilityEnum constructor. |
|
| 22 | - */ |
|
| 23 | - public function __construct() |
|
| 24 | - { |
|
| 25 | - $this->setName($this->namespace . 'TicketVisibilityEnum'); |
|
| 26 | - $this->setDescription(esc_html__('Where the ticket can be viewed throughout the UI', 'event_espresso')); |
|
| 27 | - parent::__construct(); |
|
| 28 | - } |
|
| 20 | + /** |
|
| 21 | + * TicketVisibilityEnum constructor. |
|
| 22 | + */ |
|
| 23 | + public function __construct() |
|
| 24 | + { |
|
| 25 | + $this->setName($this->namespace . 'TicketVisibilityEnum'); |
|
| 26 | + $this->setDescription(esc_html__('Where the ticket can be viewed throughout the UI', 'event_espresso')); |
|
| 27 | + parent::__construct(); |
|
| 28 | + } |
|
| 29 | 29 | |
| 30 | 30 | |
| 31 | - /** |
|
| 32 | - * @return array |
|
| 33 | - * @throws EE_Error |
|
| 34 | - * @throws ReflectionException |
|
| 35 | - */ |
|
| 36 | - protected function getValues(): array |
|
| 37 | - { |
|
| 38 | - return EEM_Ticket::instance()->getTicketVisibilityValues(); |
|
| 39 | - } |
|
| 31 | + /** |
|
| 32 | + * @return array |
|
| 33 | + * @throws EE_Error |
|
| 34 | + * @throws ReflectionException |
|
| 35 | + */ |
|
| 36 | + protected function getValues(): array |
|
| 37 | + { |
|
| 38 | + return EEM_Ticket::instance()->getTicketVisibilityValues(); |
|
| 39 | + } |
|
| 40 | 40 | } |
@@ -35,7 +35,7 @@ discard block |
||
| 35 | 35 | { |
| 36 | 36 | $args = []; |
| 37 | 37 | |
| 38 | - if (! empty($input['datetimes'])) { |
|
| 38 | + if ( ! empty($input['datetimes'])) { |
|
| 39 | 39 | $args['datetimes'] = array_map('sanitize_text_field', (array) $input['datetimes']); |
| 40 | 40 | } |
| 41 | 41 | |
@@ -43,7 +43,7 @@ discard block |
||
| 43 | 43 | $args['TKT_description'] = wp_kses_post($input['description']); |
| 44 | 44 | } |
| 45 | 45 | |
| 46 | - if (! empty($input['endDate'])) { |
|
| 46 | + if ( ! empty($input['endDate'])) { |
|
| 47 | 47 | $args['TKT_end_date'] = new DateTime(sanitize_text_field($input['endDate'])); |
| 48 | 48 | } |
| 49 | 49 | |
@@ -79,9 +79,9 @@ discard block |
||
| 79 | 79 | $args['TKT_order'] = (int) $input['order']; |
| 80 | 80 | } |
| 81 | 81 | |
| 82 | - if (! empty($input['parent'])) { |
|
| 82 | + if ( ! empty($input['parent'])) { |
|
| 83 | 83 | $parts = Relay::fromGlobalId(sanitize_text_field($input['parent'])); |
| 84 | - $args['TKT_parent'] = (! empty($parts['id']) && is_int($parts['id'])) ? $parts['id'] : null; |
|
| 84 | + $args['TKT_parent'] = ( ! empty($parts['id']) && is_int($parts['id'])) ? $parts['id'] : null; |
|
| 85 | 85 | } |
| 86 | 86 | |
| 87 | 87 | // price can be 0 |
@@ -114,7 +114,7 @@ discard block |
||
| 114 | 114 | $args['TKT_sold'] = (int) $input['sold']; |
| 115 | 115 | } |
| 116 | 116 | |
| 117 | - if (! empty($input['startDate'])) { |
|
| 117 | + if ( ! empty($input['startDate'])) { |
|
| 118 | 118 | $args['TKT_start_date'] = new DateTime(sanitize_text_field($input['startDate'])); |
| 119 | 119 | } |
| 120 | 120 | |
@@ -122,9 +122,9 @@ discard block |
||
| 122 | 122 | $args['TKT_uses'] = (int) $input['uses']; |
| 123 | 123 | } |
| 124 | 124 | |
| 125 | - if (! empty($input['wpUser'])) { |
|
| 125 | + if ( ! empty($input['wpUser'])) { |
|
| 126 | 126 | $parts = Relay::fromGlobalId(sanitize_text_field($input['wpUser'])); |
| 127 | - $args['TKT_wp_user'] = (! empty($parts['id']) && is_int($parts['id'])) ? $parts['id'] : null; |
|
| 127 | + $args['TKT_wp_user'] = ( ! empty($parts['id']) && is_int($parts['id'])) ? $parts['id'] : null; |
|
| 128 | 128 | } |
| 129 | 129 | |
| 130 | 130 | if (array_key_exists('visibility', $input)) { |
@@ -159,7 +159,7 @@ discard block |
||
| 159 | 159 | // @todo replace loop with single query |
| 160 | 160 | foreach ($datetimes as $ID) { |
| 161 | 161 | $parts = Relay::fromGlobalId($ID); |
| 162 | - if (! empty($parts['id']) && absint($parts['id'])) { |
|
| 162 | + if ( ! empty($parts['id']) && absint($parts['id'])) { |
|
| 163 | 163 | $entity->_add_relation_to( |
| 164 | 164 | $parts['id'], |
| 165 | 165 | $relationName |
@@ -189,7 +189,7 @@ discard block |
||
| 189 | 189 | // @todo replace loop with single query |
| 190 | 190 | foreach ($prices as $ID) { |
| 191 | 191 | $parts = Relay::fromGlobalId($ID); |
| 192 | - if (! empty($parts['id']) && absint($parts['id'])) { |
|
| 192 | + if ( ! empty($parts['id']) && absint($parts['id'])) { |
|
| 193 | 193 | $entity->_add_relation_to( |
| 194 | 194 | $parts['id'], |
| 195 | 195 | $relationName |
@@ -22,195 +22,195 @@ |
||
| 22 | 22 | */ |
| 23 | 23 | class TicketMutation |
| 24 | 24 | { |
| 25 | - /** |
|
| 26 | - * Maps the GraphQL input to a format that the model functions can use |
|
| 27 | - * |
|
| 28 | - * @param array $input Data coming from the GraphQL mutation query input |
|
| 29 | - * @return array |
|
| 30 | - * @throws Exception |
|
| 31 | - */ |
|
| 32 | - public static function prepareFields(array $input): array |
|
| 33 | - { |
|
| 34 | - $args = []; |
|
| 35 | - |
|
| 36 | - if (! empty($input['datetimes'])) { |
|
| 37 | - $args['datetimes'] = array_map('sanitize_text_field', (array) $input['datetimes']); |
|
| 38 | - } |
|
| 39 | - |
|
| 40 | - if (isset($input['description'])) { |
|
| 41 | - $args['TKT_description'] = wp_kses_post($input['description']); |
|
| 42 | - } |
|
| 43 | - |
|
| 44 | - if (! empty($input['endDate'])) { |
|
| 45 | - $args['TKT_end_date'] = new DateTime(sanitize_text_field($input['endDate'])); |
|
| 46 | - } |
|
| 47 | - |
|
| 48 | - if (array_key_exists('isDefault', $input)) { |
|
| 49 | - $args['TKT_is_default'] = (bool) $input['isDefault']; |
|
| 50 | - } |
|
| 51 | - |
|
| 52 | - if (array_key_exists('isRequired', $input)) { |
|
| 53 | - $args['TKT_required'] = (bool) $input['isRequired']; |
|
| 54 | - } |
|
| 55 | - |
|
| 56 | - if (array_key_exists('isTaxable', $input)) { |
|
| 57 | - $args['TKT_taxable'] = (bool) $input['isTaxable']; |
|
| 58 | - } |
|
| 59 | - |
|
| 60 | - if (array_key_exists('isTrashed', $input)) { |
|
| 61 | - $args['TKT_deleted'] = (bool) $input['isTrashed']; |
|
| 62 | - } |
|
| 63 | - |
|
| 64 | - if (array_key_exists('max', $input)) { |
|
| 65 | - $args['TKT_max'] = (int) $input['max']; |
|
| 66 | - } |
|
| 67 | - |
|
| 68 | - if (array_key_exists('min', $input)) { |
|
| 69 | - $args['TKT_min'] = (int) $input['min']; |
|
| 70 | - } |
|
| 71 | - |
|
| 72 | - if (isset($input['name'])) { |
|
| 73 | - $args['TKT_name'] = sanitize_text_field($input['name']); |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - if (array_key_exists('order', $input)) { |
|
| 77 | - $args['TKT_order'] = (int) $input['order']; |
|
| 78 | - } |
|
| 79 | - |
|
| 80 | - if (! empty($input['parent'])) { |
|
| 81 | - $parts = Relay::fromGlobalId(sanitize_text_field($input['parent'])); |
|
| 82 | - $args['TKT_parent'] = (! empty($parts['id']) && is_int($parts['id'])) ? $parts['id'] : null; |
|
| 83 | - } |
|
| 84 | - |
|
| 85 | - // price can be 0 |
|
| 86 | - if (array_key_exists('price', $input)) { |
|
| 87 | - $args['TKT_price'] = (float) $input['price']; |
|
| 88 | - } |
|
| 89 | - |
|
| 90 | - // prices can be an empty array when all prices are deleted |
|
| 91 | - if (array_key_exists('prices', $input) && is_array($input['prices'])) { |
|
| 92 | - $args['prices'] = array_map('sanitize_text_field', $input['prices']); |
|
| 93 | - } |
|
| 94 | - |
|
| 95 | - if (array_key_exists('quantity', $input)) { |
|
| 96 | - $args['TKT_qty'] = (int) $input['quantity']; |
|
| 97 | - } |
|
| 98 | - |
|
| 99 | - if (array_key_exists('reserved', $input)) { |
|
| 100 | - $args['TKT_reserved'] = (int) $input['reserved']; |
|
| 101 | - } |
|
| 102 | - |
|
| 103 | - if (array_key_exists('reverseCalculate', $input)) { |
|
| 104 | - $args['TKT_reverse_calculate'] = (bool) $input['reverseCalculate']; |
|
| 105 | - } |
|
| 106 | - |
|
| 107 | - if (array_key_exists('row', $input)) { |
|
| 108 | - $args['TKT_row'] = (int) $input['row']; |
|
| 109 | - } |
|
| 110 | - |
|
| 111 | - if (array_key_exists('sold', $input)) { |
|
| 112 | - $args['TKT_sold'] = (int) $input['sold']; |
|
| 113 | - } |
|
| 114 | - |
|
| 115 | - if (! empty($input['startDate'])) { |
|
| 116 | - $args['TKT_start_date'] = new DateTime(sanitize_text_field($input['startDate'])); |
|
| 117 | - } |
|
| 118 | - |
|
| 119 | - if (array_key_exists('uses', $input)) { |
|
| 120 | - $args['TKT_uses'] = (int) $input['uses']; |
|
| 121 | - } |
|
| 122 | - |
|
| 123 | - if (! empty($input['wpUser'])) { |
|
| 124 | - $parts = Relay::fromGlobalId(sanitize_text_field($input['wpUser'])); |
|
| 125 | - $args['TKT_wp_user'] = (! empty($parts['id']) && is_int($parts['id'])) ? $parts['id'] : null; |
|
| 126 | - } |
|
| 127 | - |
|
| 128 | - if (array_key_exists('visibility', $input)) { |
|
| 129 | - $args['TKT_visibility'] = (int) $input['visibility']; |
|
| 130 | - } |
|
| 131 | - |
|
| 132 | - return apply_filters( |
|
| 133 | - 'FHEE__EventEspresso_core_domain_services_graphql_data_mutations__ticket_args', |
|
| 134 | - $args, |
|
| 135 | - $input |
|
| 136 | - ); |
|
| 137 | - } |
|
| 138 | - |
|
| 139 | - |
|
| 140 | - /** |
|
| 141 | - * Sets the related datetimes for the given ticket. |
|
| 142 | - * |
|
| 143 | - * @param EE_Ticket $entity The Ticket instance. |
|
| 144 | - * @param array $datetimes Array of datetime IDs to relate. |
|
| 145 | - * @throws EE_Error |
|
| 146 | - * @throws InvalidArgumentException |
|
| 147 | - * @throws InvalidDataTypeException |
|
| 148 | - * @throws InvalidInterfaceException |
|
| 149 | - * @throws ReflectionException |
|
| 150 | - */ |
|
| 151 | - public static function setRelatedDatetimes(EE_Ticket $entity, array $datetimes) |
|
| 152 | - { |
|
| 153 | - $relationName = 'Datetime'; |
|
| 154 | - // Remove all the existing related datetimes |
|
| 155 | - |
|
| 156 | - $entity->_remove_relations($relationName); |
|
| 157 | - // @todo replace loop with single query |
|
| 158 | - foreach ($datetimes as $ID) { |
|
| 159 | - $parts = Relay::fromGlobalId($ID); |
|
| 160 | - if (! empty($parts['id']) && absint($parts['id'])) { |
|
| 161 | - $entity->_add_relation_to( |
|
| 162 | - $parts['id'], |
|
| 163 | - $relationName |
|
| 164 | - ); |
|
| 165 | - } |
|
| 166 | - } |
|
| 167 | - } |
|
| 168 | - |
|
| 169 | - |
|
| 170 | - /** |
|
| 171 | - * Sets the related prices for the given ticket. |
|
| 172 | - * |
|
| 173 | - * @param EE_Ticket $entity The Ticket instance. |
|
| 174 | - * @param array $prices Array of entity IDs to relate. |
|
| 175 | - * @throws EE_Error |
|
| 176 | - * @throws InvalidArgumentException |
|
| 177 | - * @throws InvalidDataTypeException |
|
| 178 | - * @throws InvalidInterfaceException |
|
| 179 | - * @throws ReflectionException |
|
| 180 | - */ |
|
| 181 | - public static function setRelatedPrices(EE_Ticket $entity, array $prices) |
|
| 182 | - { |
|
| 183 | - $relationName = 'Price'; |
|
| 184 | - // Remove all the existing related entities |
|
| 185 | - $entity->_remove_relations($relationName); |
|
| 186 | - |
|
| 187 | - // @todo replace loop with single query |
|
| 188 | - foreach ($prices as $ID) { |
|
| 189 | - $parts = Relay::fromGlobalId($ID); |
|
| 190 | - if (! empty($parts['id']) && absint($parts['id'])) { |
|
| 191 | - $entity->_add_relation_to( |
|
| 192 | - $parts['id'], |
|
| 193 | - $relationName |
|
| 194 | - ); |
|
| 195 | - } |
|
| 196 | - } |
|
| 197 | - } |
|
| 198 | - |
|
| 199 | - |
|
| 200 | - /** |
|
| 201 | - * @param EE_Ticket $ticket_entity |
|
| 202 | - * @throws EE_Error |
|
| 203 | - * @throws InvalidArgumentException |
|
| 204 | - * @throws InvalidDataTypeException |
|
| 205 | - * @throws InvalidInterfaceException |
|
| 206 | - * @throws ReflectionException |
|
| 207 | - */ |
|
| 208 | - public static function addDefaultPrices(EE_Ticket $ticket_entity) |
|
| 209 | - { |
|
| 210 | - /** @var DefaultPrices $default_prices */ |
|
| 211 | - $default_prices = LoaderFactory::getLoader()->getShared( |
|
| 212 | - 'EventEspresso\core\domain\services\admin\entities\DefaultPrices' |
|
| 213 | - ); |
|
| 214 | - $default_prices->create($ticket_entity); |
|
| 215 | - } |
|
| 25 | + /** |
|
| 26 | + * Maps the GraphQL input to a format that the model functions can use |
|
| 27 | + * |
|
| 28 | + * @param array $input Data coming from the GraphQL mutation query input |
|
| 29 | + * @return array |
|
| 30 | + * @throws Exception |
|
| 31 | + */ |
|
| 32 | + public static function prepareFields(array $input): array |
|
| 33 | + { |
|
| 34 | + $args = []; |
|
| 35 | + |
|
| 36 | + if (! empty($input['datetimes'])) { |
|
| 37 | + $args['datetimes'] = array_map('sanitize_text_field', (array) $input['datetimes']); |
|
| 38 | + } |
|
| 39 | + |
|
| 40 | + if (isset($input['description'])) { |
|
| 41 | + $args['TKT_description'] = wp_kses_post($input['description']); |
|
| 42 | + } |
|
| 43 | + |
|
| 44 | + if (! empty($input['endDate'])) { |
|
| 45 | + $args['TKT_end_date'] = new DateTime(sanitize_text_field($input['endDate'])); |
|
| 46 | + } |
|
| 47 | + |
|
| 48 | + if (array_key_exists('isDefault', $input)) { |
|
| 49 | + $args['TKT_is_default'] = (bool) $input['isDefault']; |
|
| 50 | + } |
|
| 51 | + |
|
| 52 | + if (array_key_exists('isRequired', $input)) { |
|
| 53 | + $args['TKT_required'] = (bool) $input['isRequired']; |
|
| 54 | + } |
|
| 55 | + |
|
| 56 | + if (array_key_exists('isTaxable', $input)) { |
|
| 57 | + $args['TKT_taxable'] = (bool) $input['isTaxable']; |
|
| 58 | + } |
|
| 59 | + |
|
| 60 | + if (array_key_exists('isTrashed', $input)) { |
|
| 61 | + $args['TKT_deleted'] = (bool) $input['isTrashed']; |
|
| 62 | + } |
|
| 63 | + |
|
| 64 | + if (array_key_exists('max', $input)) { |
|
| 65 | + $args['TKT_max'] = (int) $input['max']; |
|
| 66 | + } |
|
| 67 | + |
|
| 68 | + if (array_key_exists('min', $input)) { |
|
| 69 | + $args['TKT_min'] = (int) $input['min']; |
|
| 70 | + } |
|
| 71 | + |
|
| 72 | + if (isset($input['name'])) { |
|
| 73 | + $args['TKT_name'] = sanitize_text_field($input['name']); |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + if (array_key_exists('order', $input)) { |
|
| 77 | + $args['TKT_order'] = (int) $input['order']; |
|
| 78 | + } |
|
| 79 | + |
|
| 80 | + if (! empty($input['parent'])) { |
|
| 81 | + $parts = Relay::fromGlobalId(sanitize_text_field($input['parent'])); |
|
| 82 | + $args['TKT_parent'] = (! empty($parts['id']) && is_int($parts['id'])) ? $parts['id'] : null; |
|
| 83 | + } |
|
| 84 | + |
|
| 85 | + // price can be 0 |
|
| 86 | + if (array_key_exists('price', $input)) { |
|
| 87 | + $args['TKT_price'] = (float) $input['price']; |
|
| 88 | + } |
|
| 89 | + |
|
| 90 | + // prices can be an empty array when all prices are deleted |
|
| 91 | + if (array_key_exists('prices', $input) && is_array($input['prices'])) { |
|
| 92 | + $args['prices'] = array_map('sanitize_text_field', $input['prices']); |
|
| 93 | + } |
|
| 94 | + |
|
| 95 | + if (array_key_exists('quantity', $input)) { |
|
| 96 | + $args['TKT_qty'] = (int) $input['quantity']; |
|
| 97 | + } |
|
| 98 | + |
|
| 99 | + if (array_key_exists('reserved', $input)) { |
|
| 100 | + $args['TKT_reserved'] = (int) $input['reserved']; |
|
| 101 | + } |
|
| 102 | + |
|
| 103 | + if (array_key_exists('reverseCalculate', $input)) { |
|
| 104 | + $args['TKT_reverse_calculate'] = (bool) $input['reverseCalculate']; |
|
| 105 | + } |
|
| 106 | + |
|
| 107 | + if (array_key_exists('row', $input)) { |
|
| 108 | + $args['TKT_row'] = (int) $input['row']; |
|
| 109 | + } |
|
| 110 | + |
|
| 111 | + if (array_key_exists('sold', $input)) { |
|
| 112 | + $args['TKT_sold'] = (int) $input['sold']; |
|
| 113 | + } |
|
| 114 | + |
|
| 115 | + if (! empty($input['startDate'])) { |
|
| 116 | + $args['TKT_start_date'] = new DateTime(sanitize_text_field($input['startDate'])); |
|
| 117 | + } |
|
| 118 | + |
|
| 119 | + if (array_key_exists('uses', $input)) { |
|
| 120 | + $args['TKT_uses'] = (int) $input['uses']; |
|
| 121 | + } |
|
| 122 | + |
|
| 123 | + if (! empty($input['wpUser'])) { |
|
| 124 | + $parts = Relay::fromGlobalId(sanitize_text_field($input['wpUser'])); |
|
| 125 | + $args['TKT_wp_user'] = (! empty($parts['id']) && is_int($parts['id'])) ? $parts['id'] : null; |
|
| 126 | + } |
|
| 127 | + |
|
| 128 | + if (array_key_exists('visibility', $input)) { |
|
| 129 | + $args['TKT_visibility'] = (int) $input['visibility']; |
|
| 130 | + } |
|
| 131 | + |
|
| 132 | + return apply_filters( |
|
| 133 | + 'FHEE__EventEspresso_core_domain_services_graphql_data_mutations__ticket_args', |
|
| 134 | + $args, |
|
| 135 | + $input |
|
| 136 | + ); |
|
| 137 | + } |
|
| 138 | + |
|
| 139 | + |
|
| 140 | + /** |
|
| 141 | + * Sets the related datetimes for the given ticket. |
|
| 142 | + * |
|
| 143 | + * @param EE_Ticket $entity The Ticket instance. |
|
| 144 | + * @param array $datetimes Array of datetime IDs to relate. |
|
| 145 | + * @throws EE_Error |
|
| 146 | + * @throws InvalidArgumentException |
|
| 147 | + * @throws InvalidDataTypeException |
|
| 148 | + * @throws InvalidInterfaceException |
|
| 149 | + * @throws ReflectionException |
|
| 150 | + */ |
|
| 151 | + public static function setRelatedDatetimes(EE_Ticket $entity, array $datetimes) |
|
| 152 | + { |
|
| 153 | + $relationName = 'Datetime'; |
|
| 154 | + // Remove all the existing related datetimes |
|
| 155 | + |
|
| 156 | + $entity->_remove_relations($relationName); |
|
| 157 | + // @todo replace loop with single query |
|
| 158 | + foreach ($datetimes as $ID) { |
|
| 159 | + $parts = Relay::fromGlobalId($ID); |
|
| 160 | + if (! empty($parts['id']) && absint($parts['id'])) { |
|
| 161 | + $entity->_add_relation_to( |
|
| 162 | + $parts['id'], |
|
| 163 | + $relationName |
|
| 164 | + ); |
|
| 165 | + } |
|
| 166 | + } |
|
| 167 | + } |
|
| 168 | + |
|
| 169 | + |
|
| 170 | + /** |
|
| 171 | + * Sets the related prices for the given ticket. |
|
| 172 | + * |
|
| 173 | + * @param EE_Ticket $entity The Ticket instance. |
|
| 174 | + * @param array $prices Array of entity IDs to relate. |
|
| 175 | + * @throws EE_Error |
|
| 176 | + * @throws InvalidArgumentException |
|
| 177 | + * @throws InvalidDataTypeException |
|
| 178 | + * @throws InvalidInterfaceException |
|
| 179 | + * @throws ReflectionException |
|
| 180 | + */ |
|
| 181 | + public static function setRelatedPrices(EE_Ticket $entity, array $prices) |
|
| 182 | + { |
|
| 183 | + $relationName = 'Price'; |
|
| 184 | + // Remove all the existing related entities |
|
| 185 | + $entity->_remove_relations($relationName); |
|
| 186 | + |
|
| 187 | + // @todo replace loop with single query |
|
| 188 | + foreach ($prices as $ID) { |
|
| 189 | + $parts = Relay::fromGlobalId($ID); |
|
| 190 | + if (! empty($parts['id']) && absint($parts['id'])) { |
|
| 191 | + $entity->_add_relation_to( |
|
| 192 | + $parts['id'], |
|
| 193 | + $relationName |
|
| 194 | + ); |
|
| 195 | + } |
|
| 196 | + } |
|
| 197 | + } |
|
| 198 | + |
|
| 199 | + |
|
| 200 | + /** |
|
| 201 | + * @param EE_Ticket $ticket_entity |
|
| 202 | + * @throws EE_Error |
|
| 203 | + * @throws InvalidArgumentException |
|
| 204 | + * @throws InvalidDataTypeException |
|
| 205 | + * @throws InvalidInterfaceException |
|
| 206 | + * @throws ReflectionException |
|
| 207 | + */ |
|
| 208 | + public static function addDefaultPrices(EE_Ticket $ticket_entity) |
|
| 209 | + { |
|
| 210 | + /** @var DefaultPrices $default_prices */ |
|
| 211 | + $default_prices = LoaderFactory::getLoader()->getShared( |
|
| 212 | + 'EventEspresso\core\domain\services\admin\entities\DefaultPrices' |
|
| 213 | + ); |
|
| 214 | + $default_prices->create($ticket_entity); |
|
| 215 | + } |
|
| 216 | 216 | } |
