Unsupervised/unsupervised-scheduler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Grant studio-admin capabilities to WordPress administrators

Browse Source 
WordPress administrators (manage_options) now implicitly hold every
studio-admin capability via a user_has_cap filter, so the site owner runs
the studio without being assigned the separate us_studio_admin role. The
grant persists nothing and is removed on deactivation. The us_studio_admin
role still exists for non-administrator staff and does NOT confer any core
WordPress admin powers.

Also re-gate the studio-wide "Scheduler" dashboard off manage_options onto
a new view_all_lessons capability (added to the studio-admin cap set), so a
us_studio_admin user can see it too — previously it was administrator-only.

- RoleManager: STUDIO_ADMIN_CAPS constant, CAP_VIEW_ALL_LESSONS,
  grantStudioCapsToAdministrators() user_has_cap filter
- AdminMenu + LessonController: Scheduler gated on view_all_lessons
- Docs: user-roles.md cap matrix + administrator note; lesson-booking.md
- Tests: administrators receive studio caps; non-admins do not

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
James Griffin-Allwood
2026-06-05 12:02:46 -03:00
parent 0b0dfe8f1c
commit b4acae34a3
6 changed files with 85 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/Unit/Auth/RoleManagerTest.php
+22 -1
View File
@@ -9,15 +9,36 @@ use Unsupervised\Schedular\Tests\Unit\TestCase;
class RoleManagerTest extends TestCase
{
public function testRegisterAddsInitHook(): void
public function testRegisterAddsInitHookAndCapFilter(): void
{
Functions\expect('add_action')
->once()
->with('init', \Mockery::any());
Functions\expect('add_filter')
->once()
->with('user_has_cap', \Mockery::any(), 10, 1);
(new RoleManager())->register();
}
public function testGrantsStudioCapsToAdministrators(): void
{
$result = (new RoleManager())->grantStudioCapsToAdministrators(['manage_options' => true]);
foreach (RoleManager::STUDIO_ADMIN_CAPS as $cap) {
self::assertTrue($result[$cap], "administrator should be granted {$cap}");
}
}
public function testDoesNotGrantStudioCapsToNonAdministrators(): void
{
$result = (new RoleManager())->grantStudioCapsToAdministrators(['read' => true]);
self::assertArrayNotHasKey(RoleManager::CAP_MANAGE_OFFERINGS, $result);
self::assertSame(['read' => true], $result);
}
public function testCreateRolesSkipsExistingRoles(): void
{
Functions\when('get_role')->alias(static fn() => new \stdClass());