Unsupervised/unsupervised-scheduler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make WP admins instructors too, and add an Access toggle page
CI / No Debug Code (pull_request) Successful in 3s
Details
CI / Tests (PHP 8.2) (pull_request) Successful in 41s
Details
CI / Tests (PHP 8.3) (pull_request) Successful in 51s
Details
CI / Tests (PHP 8.1) (pull_request) Successful in 54s
Details
CI / Coding Standards (pull_request) Successful in 58s
Details
CI / PHPStan (pull_request) Successful in 1m9s
Details
CI / Build Plugin Zip (pull_request) Has been skipped
Details

Browse Source 
A WordPress administrator previously inherited the studio-admin
capabilities but not `manage_availability`, so the studio owner running
as an admin had no way to reach "My Availability" or act as the
instructor — breaking single-instructor businesses.

Grant the instructor capabilities to administrators as well (via the
existing `user_has_cap` filter), and make both grants — studio-admin and
instructor — independently toggleable from a new Access admin page.

- RoleManager: extract `INSTRUCTOR_CAPS`; apply studio and instructor
  cap sets to administrators, each gated on a stored toggle (default on).
- AccessSettings + templates/admin/access.php: two options
  (`us_admin_grant_studio` / `us_admin_grant_instructor`), gated on the
  core `manage_options` capability so disabling a grant can never lock an
  administrator out of re-enabling it.
- AdminMenu: register the Access page after Studio Settings; keep the
  studio sidebar separator visible for any administrator.
- Tests for the toggles and the new settings reader; docs updated.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
James Griffin-Allwood
2026-06-08 16:39:41 -03:00
parent 0a78f4b1ac
commit 67f8144a4a
7 changed files with 279 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/AdminMenu.php
+22
View File
@@ -5,6 +5,7 @@ namespace Unsupervised\Schedular;
use Unsupervised\Schedular\Availability\AvailabilityController;
use Unsupervised\Schedular\Availability\AvailabilityRepository;
use Unsupervised\Schedular\Auth\AccessSettings;
use Unsupervised\Schedular\Auth\InviteRepository;
use Unsupervised\Schedular\Auth\RegistrationController;
use Unsupervised\Schedular\Auth\RoleManager;
@@ -39,6 +40,7 @@ class AdminMenu {
private GroupClassController $groupClassController;
private StudentController $studentController;
private StudioSettings $settings;
private AccessSettings $accessSettings;
private PaymentController $paymentController;
private PaymentReportController $paymentReportController;
@@ -52,6 +54,7 @@ class AdminMenu {
$this->groupClassController = new GroupClassController( $enrollments, $offerings );
$this->studentController = new StudentController( $bookings, $availability, $offerings, $enrollments, $resolver );
$this->settings = $settings;
$this->accessSettings = new AccessSettings();
$this->paymentController = new PaymentController( $payments, $paymentService );
$this->paymentReportController = new PaymentReportController( $payments );
}
@@ -185,6 +188,19 @@ class AdminMenu {
30
);
// Site owner: whether WordPress administrators are studio admins / instructors.
// Gated on the core manage_options capability — never the plugin's own grants —
// so an administrator can always reach it to re-enable a disabled grant.
add_menu_page(
__( 'Access', 'unsupervised-schedular' ),
__( 'Access', 'unsupervised-schedular' ),
'manage_options',
'us-access',
[ $this->accessSettings, 'renderPage' ],
'dashicons-admin-network',
30.5
);
// Instructor: view their upcoming lessons.
add_menu_page(
__( 'My Lessons', 'unsupervised-schedular' ),
@@ -234,6 +250,12 @@ class AdminMenu {
}
private function userSeesStudioMenu(): bool {
// Administrators always see the Access page, so the leading separator
// should show for them even if both capability grants are disabled.
if ( current_user_can( 'manage_options' ) ) {
return true;
}
$caps = [
RoleManager::CAP_VIEW_ALL_LESSONS,
RoleManager::CAP_VIEW_LESSONS,