Commit 2e07b610 authored by Markus Hermann's avatar Markus Hermann 🏈

feat: Changed permissions for managing polls

parent 986f47aa
<?php
### Check Whether User Can Manage Polls
if( ! current_user_can( 'manage_polls' ) ) {
if( ! current_user_can( 'manage_poll_plugin' ) ) {
die( 'Access Denied' );
}
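Review bot: Administrators on an already-installed site may be locked out by the `manage_poll_plugin` check here. As far as the visible hunks show, that capability is only granted inside polls_activate(), and WordPress runs activation hooks on activation, not on an in-place plugin update. Until the plugin is re-activated those users would hit `die('Access Denied')`; a version-checked upgrade step that adds the capability would close that gap. The same applies to the identical checks in the three file sections that follow.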
......
<?php
### Check Whether User Can Manage Polls
if(!current_user_can('manage_polls')) {
if(!current_user_can('manage_poll_plugin')) {
die('Access Denied');
}
......
......@@ -18,7 +18,7 @@
### Check Whether User Can Manage Polls
if( ! current_user_can( 'manage_polls' ) ) {
if( ! current_user_can( 'manage_poll_plugin' ) ) {
die( 'Access Denied' );
}
......
<?php
### Check Whether User Can Manage Polls
if(!current_user_can('manage_polls')) {
if(!current_user_can('manage_poll_plugin')) {
die('Access Denied');
}
......
......@@ -45,16 +45,56 @@ $wpdb->pollsq = $wpdb->prefix.'pollsq';
$wpdb->pollsa = $wpdb->prefix.'pollsa';
$wpdb->pollsip = $wpdb->prefix.'pollsip';
### Function: Poll Administration Menu
add_action( 'admin_menu', 'poll_menu' );
function poll_menu() {
add_menu_page( __( 'Polls', 'wp-polls' ), __( 'Polls', 'wp-polls' ), 'manage_polls', 'wp-polls/polls-manager.php', '', 'dashicons-chart-bar' );
add_menu_page(
__('Polls', 'wp-polls'),
__('Polls', 'wp-polls'),
'manage_polls',
'wp-polls/polls-manager.php',
'',
'dashicons-chart-bar'
);
// "Manage Polls" menu item
add_submenu_page(
'wp-polls/polls-manager.php',
__('Manage Polls', 'wp-polls'),
__('Manage Polls', 'wp-polls'),
'manage_polls',
'wp-polls/polls-manager.php'
);
// "Add Poll" menu item
add_submenu_page(
'wp-polls/polls-manager.php',
__('Add Poll', 'wp-polls'),
__('Add Poll', 'wp-polls'),
'manage_polls',
'wp-polls/polls-add.php'
);
if(current_user_can('manage_poll_plugin')) {
// "Poll Options" menu item
add_submenu_page(
'wp-polls/polls-manager.php',
__('Poll Options', 'wp-polls'),
__('Poll Options', 'wp-polls'),
'manage_polls',
'wp-polls/polls-options.php'
);
// "Poll Templates" menu item
add_submenu_page(
'wp-polls/polls-manager.php',
__('Poll Templates', 'wp-polls'),
__('Poll Templates', 'wp-polls'),
'manage_polls',
'wp-polls/polls-templates.php'
);
}
add_submenu_page( 'wp-polls/polls-manager.php', __( 'Manage Polls', 'wp-polls'), __( 'Manage Polls', 'wp-polls' ), 'manage_polls', 'wp-polls/polls-manager.php' );
add_submenu_page( 'wp-polls/polls-manager.php', __( 'Add Poll', 'wp-polls'), __( 'Add Poll', 'wp-polls' ), 'manage_polls', 'wp-polls/polls-add.php' );
add_submenu_page( 'wp-polls/polls-manager.php', __( 'Poll Options', 'wp-polls'), __( 'Poll Options', 'wp-polls' ), 'manage_polls', 'wp-polls/polls-options.php' );
add_submenu_page( 'wp-polls/polls-manager.php', __( 'Poll Templates', 'wp-polls'), __( 'Poll Templates', 'wp-polls' ), 'manage_polls', 'wp-polls/polls-templates.php' );
}
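Review bot: The "Poll Options" and "Poll Templates" entries in poll_menu() are still registered with the `'manage_polls'` capability and are only wrapped in `if(current_user_can('manage_poll_plugin'))`. The restriction therefore lives in the menu-building branch, not in the capability WordPress itself checks for those pages. Passing `'manage_poll_plugin'` as the capability argument of those two `add_submenu_page()` calls lets core enforce it and makes the surrounding `if` unnecessary. The `current_user_can('manage_poll_plugin')` check at the top of each page file should stay as the authoritative gate.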
......@@ -1973,8 +2013,13 @@ function polls_activate() {
$wpdb->query( "ALTER TABLE $wpdb->pollsq MODIFY COLUMN pollq_expiry int(10) NOT NULL default '0';" );
}
// Set 'manage_polls' Capabilities To Administrator
// Set 'manage_poll_plugin' Capabilities To Administrator
$role = get_role( 'administrator' );
if( ! $role->has_cap( 'manage_poll_plugin' ) ) {
$role->add_cap( 'manage_poll_plugin' );
}
// Set 'manage_polls' Capabilities To editors
$role = get_role( 'editor' );
if( ! $role->has_cap( 'manage_polls' ) ) {
$role->add_cap( 'manage_polls' );
}
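Review bot: The administrator role is now granted only `manage_poll_plugin`, while the "Polls" menu and the manage/add pages still require `manage_polls`. On a fresh install an administrator would apparently never receive `manage_polls`; this is inferred from the rendered lines, where the `manage_polls` block now follows `get_role( 'editor' )`. Grant both to administrators, e.g. add `$role->add_cap( 'manage_polls' );` next to the `manage_poll_plugin` line. `get_role()` also returns null when a role has been removed, so the editor branch needs a guard such as `if( $role && ! $role->has_cap( 'manage_polls' ) ) {`. polls_activate() starts outside this hunk.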
......@@ -2279,12 +2324,14 @@ function process_vote($poll_id, $answers = []) {
}
function displayHighchartsPollVote($poll_id, $user_voted = [], $display_loading = true) {
$nonce = wp_create_nonce(sprintf('poll_%s-nonce', $poll_id));
$nonce = wp_create_nonce("poll_$poll_id-nonce");
return sprintf(
'<div data-poll-id="%s" class="hpoll" data-poll-nonce="%s" data-poll-view-mode="vote"></div>',
$poll_id,
$nonce
return strtr(
'<div data-poll-id="%pollId" class="hpoll" data-poll-nonce="%nonce" data-poll-view-mode="vote"></div>',
[
"%pollId" => $poll_id,
"%nonce" => $nonce
]
);
}
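Review bot: `$poll_id` and `$nonce` are written into the `data-poll-id` and `data-poll-nonce` attributes without escaping, and the switch from `sprintf` to `strtr` keeps that. Whether every caller passes an integer is not visible here, so normalise at the output with `"%pollId" => (int) $poll_id,` and `"%nonce" => esc_attr( $nonce ),`. The same applies to displayHighchartsPollResult in the next hunk.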
......@@ -2338,12 +2385,14 @@ function displayHighchartsPollResult($poll_id, $user_voted = [], $display_loadin
]
];
$nonce = wp_create_nonce(sprintf('poll_%s-nonce', $poll_id));
$nonce = wp_create_nonce("poll_$poll_id-nonce");
// Return Poll Result
return sprintf(
'<div data-poll-id="%s" class="hpoll" data-poll-nonce="%s" data-poll-view-mode="result"></div>',
$poll_id,
$nonce
'<div data-poll-id="%pollId" class="hpoll" data-poll-nonce="%nonce" data-poll-view-mode="result"></div>',
[
"%pollId" => $poll_id,
"%nonce" => $nonce
]
);
}
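Review bot: As rendered, this function still calls `return sprintf(` although the template now uses the `%pollId` / `%nonce` placeholders and is given an array, unlike displayHighchartsPollVote, which was switched to `strtr`. `sprintf` does not substitute named placeholders, and `%p` / `%n` are not valid conversions, so the markup would not receive the poll id or nonce. If that line really is unchanged in the commit, it should read `return strtr(`. The function body starts outside this hunk.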