Unsupervised/unsupervised-scheduler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Grant studio-admin capabilities to WordPress administrators

Browse Source 
WordPress administrators (manage_options) now implicitly hold every
studio-admin capability via a user_has_cap filter, so the site owner runs
the studio without being assigned the separate us_studio_admin role. The
grant persists nothing and is removed on deactivation. The us_studio_admin
role still exists for non-administrator staff and does NOT confer any core
WordPress admin powers.

Also re-gate the studio-wide "Scheduler" dashboard off manage_options onto
a new view_all_lessons capability (added to the studio-admin cap set), so a
us_studio_admin user can see it too — previously it was administrator-only.

- RoleManager: STUDIO_ADMIN_CAPS constant, CAP_VIEW_ALL_LESSONS,
  grantStudioCapsToAdministrators() user_has_cap filter
- AdminMenu + LessonController: Scheduler gated on view_all_lessons
- Docs: user-roles.md cap matrix + administrator note; lesson-booking.md
- Tests: administrators receive studio caps; non-admins do not

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
James Griffin-Allwood
2026-06-05 12:02:46 -03:00
parent 0b0dfe8f1c
commit b4acae34a3
6 changed files with 85 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/features/lesson-booking.md
+1 -1
View File
@@ -53,7 +53,7 @@ Group classes follow the same registration flow but enrol against an offering of
kind `group_class`; see `group-classes.md`.
## Admin Interface
- **Scheduler** (`manage_options` only): all upcoming lessons across all instructors
- **Scheduler** (`view_all_lessons` — studio admin / administrators): all upcoming lessons across all instructors
- **My Lessons** (`view_own_lessons`): upcoming lessons for the logged-in instructor
## Frontend Shortcodes
docs/features/user-roles.md
+10 -1
View File
@@ -10,9 +10,17 @@ Runs the studio. Logs in via standard wp-admin. Can:
- Create instructor accounts and set/revoke each instructor's capabilities
- Manage offerings, intake questions, and policies
- Configure Stripe credentials and per-student billing overrides (card / e-transfer / comp)
- View the studio-wide scheduler (all upcoming lessons across instructors)
- View the all-instructor payments report and export it
**Capabilities:** `read`, `manage_instructors`, `manage_offerings`, `manage_questions`, `manage_policies`, `manage_billing`, `view_all_payments`, `export_payments`
**Capabilities:** `read`, `manage_instructors`, `manage_offerings`, `manage_questions`, `manage_policies`, `manage_billing`, `view_all_lessons`, `view_all_payments`, `export_payments`
> Any WordPress **administrator** (`manage_options`) implicitly holds every
> studio-admin capability above, so the site owner runs the studio without being
> assigned the `us_studio_admin` role. This is applied dynamically via the
> `user_has_cap` filter (`RoleManager::grantStudioCapsToAdministrators()`) — it
> persists nothing and is removed when the plugin is deactivated. The
> `us_studio_admin` role exists for non-administrator staff who manage the studio.
### Instructor (`us_instructor`)
Created by the studio admin. Logs in via standard wp-admin. Can:
@@ -41,6 +49,7 @@ Logs in via the front-end `[us_student_login]` shortcode. Can:
| `manage_policies` | ✓ | | | Policies |
| `manage_billing` | ✓ | | | Payments (Stripe + overrides) |
| `book_lesson` | | | ✓ | Lesson booking / enrolment |
| `view_all_lessons` | ✓ | | | Scheduler dashboard |
| `view_own_lessons` | | ✓ | ✓ | Lesson + group views |
| `view_own_payments` | | ✓ | | Payment reporting |
| `view_all_payments` | ✓ | | | Payment reporting |