Make WP admins instructors too, and add an Access toggle page
CI / No Debug Code (pull_request) Successful in 3s
CI / Tests (PHP 8.2) (pull_request) Successful in 41s
CI / Tests (PHP 8.3) (pull_request) Successful in 51s
CI / Tests (PHP 8.1) (pull_request) Successful in 54s
CI / Coding Standards (pull_request) Successful in 58s
CI / PHPStan (pull_request) Successful in 1m9s
CI / Build Plugin Zip (pull_request) Has been skipped
CI / No Debug Code (pull_request) Successful in 3s
CI / Tests (PHP 8.2) (pull_request) Successful in 41s
CI / Tests (PHP 8.3) (pull_request) Successful in 51s
CI / Tests (PHP 8.1) (pull_request) Successful in 54s
CI / Coding Standards (pull_request) Successful in 58s
CI / PHPStan (pull_request) Successful in 1m9s
CI / Build Plugin Zip (pull_request) Has been skipped
A WordPress administrator previously inherited the studio-admin capabilities but not `manage_availability`, so the studio owner running as an admin had no way to reach "My Availability" or act as the instructor — breaking single-instructor businesses. Grant the instructor capabilities to administrators as well (via the existing `user_has_cap` filter), and make both grants — studio-admin and instructor — independently toggleable from a new Access admin page. - RoleManager: extract `INSTRUCTOR_CAPS`; apply studio and instructor cap sets to administrators, each gated on a stored toggle (default on). - AccessSettings + templates/admin/access.php: two options (`us_admin_grant_studio` / `us_admin_grant_instructor`), gated on the core `manage_options` capability so disabling a grant can never lock an administrator out of re-enabling it. - AdminMenu: register the Access page after Studio Settings; keep the studio sidebar separator visible for any administrator. - Tests for the toggles and the new settings reader; docs updated. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -4,11 +4,21 @@ declare(strict_types=1);
|
||||
namespace Unsupervised\Schedular\Tests\Unit\Auth;
|
||||
|
||||
use Brain\Monkey\Functions;
|
||||
use Unsupervised\Schedular\Auth\AccessSettings;
|
||||
use Unsupervised\Schedular\Auth\RoleManager;
|
||||
use Unsupervised\Schedular\Tests\Unit\TestCase;
|
||||
|
||||
class RoleManagerTest extends TestCase
|
||||
{
|
||||
private function roleManager(bool $studio = true, bool $instructor = true): RoleManager
|
||||
{
|
||||
$access = \Mockery::mock(AccessSettings::class);
|
||||
$access->allows('adminsAreStudioAdmins')->andReturn($studio);
|
||||
$access->allows('adminsAreInstructors')->andReturn($instructor);
|
||||
|
||||
return new RoleManager($access);
|
||||
}
|
||||
|
||||
public function testRegisterAddsInitHookAndCapFilter(): void
|
||||
{
|
||||
Functions\expect('add_action')
|
||||
@@ -24,16 +34,49 @@ class RoleManagerTest extends TestCase
|
||||
|
||||
public function testGrantsStudioCapsToAdministrators(): void
|
||||
{
|
||||
$result = (new RoleManager())->grantStudioCapsToAdministrators(['manage_options' => true]);
|
||||
$result = $this->roleManager()->grantStudioCapsToAdministrators(['manage_options' => true]);
|
||||
|
||||
foreach (RoleManager::STUDIO_ADMIN_CAPS as $cap) {
|
||||
self::assertTrue($result[$cap], "administrator should be granted {$cap}");
|
||||
}
|
||||
}
|
||||
|
||||
public function testDoesNotGrantStudioCapsToNonAdministrators(): void
|
||||
public function testGrantsInstructorCapsToAdministrators(): void
|
||||
{
|
||||
$result = (new RoleManager())->grantStudioCapsToAdministrators(['read' => true]);
|
||||
$result = $this->roleManager()->grantStudioCapsToAdministrators(['manage_options' => true]);
|
||||
|
||||
// A single-instructor studio owner runs as an administrator and also
|
||||
// teaches, so they get the instructor caps — notably manage_availability,
|
||||
// which is not part of the studio-admin set.
|
||||
self::assertTrue($result[RoleManager::CAP_MANAGE_AVAILABILITY], 'administrator should be able to manage availability');
|
||||
foreach (RoleManager::INSTRUCTOR_CAPS as $cap) {
|
||||
self::assertTrue($result[$cap], "administrator should be granted {$cap}");
|
||||
}
|
||||
}
|
||||
|
||||
public function testStudioGrantDisabledWithholdsStudioCapsFromAdministrators(): void
|
||||
{
|
||||
$result = $this->roleManager(studio: false)->grantStudioCapsToAdministrators(['manage_options' => true]);
|
||||
|
||||
// manage_instructors is studio-only, so it disappears when the grant is off.
|
||||
self::assertArrayNotHasKey(RoleManager::CAP_MANAGE_INSTRUCTORS, $result);
|
||||
// Instructor caps remain because that grant is still on.
|
||||
self::assertTrue($result[RoleManager::CAP_MANAGE_AVAILABILITY]);
|
||||
}
|
||||
|
||||
public function testInstructorGrantDisabledWithholdsInstructorCapsFromAdministrators(): void
|
||||
{
|
||||
$result = $this->roleManager(instructor: false)->grantStudioCapsToAdministrators(['manage_options' => true]);
|
||||
|
||||
// manage_availability is instructor-only, so it disappears when the grant is off.
|
||||
self::assertArrayNotHasKey(RoleManager::CAP_MANAGE_AVAILABILITY, $result);
|
||||
// Studio caps remain because that grant is still on.
|
||||
self::assertTrue($result[RoleManager::CAP_MANAGE_INSTRUCTORS]);
|
||||
}
|
||||
|
||||
public function testDoesNotGrantCapsToNonAdministrators(): void
|
||||
{
|
||||
$result = $this->roleManager()->grantStudioCapsToAdministrators(['read' => true]);
|
||||
|
||||
self::assertArrayNotHasKey(RoleManager::CAP_MANAGE_OFFERINGS, $result);
|
||||
self::assertSame(['read' => true], $result);
|
||||
|
||||
Reference in New Issue
Block a user