Unsupervised/unsupervised-scheduler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix all PHPCS coding standards violations
All checks were successful
CI / Coding Standards (push) Successful in 44s
Details
CI / PHPStan (push) Successful in 49s
Details
CI / Tests (PHP 8.1) (push) Successful in 54s
Details
CI / Tests (PHP 8.2) (push) Successful in 51s
Details
CI / Tests (PHP 8.3) (push) Successful in 39s
Details
CI / No Debug Code (push) Successful in 3s
Details

Browse Source 
- Add phpcs.xml.dist: excludes PSR-4 file naming, camelCase naming,
  short array syntax, and redundant per-method/property docblocks
- Fix wp_unslash() on all $_POST reads (LoginPage, AvailabilityController)
- Add phpcs:ignore for password field (must not be sanitized)
- Fix Yoda conditions throughout (AvailabilityRepository, AvailabilityEndpoint,
  BookingEndpoint, AvailabilityController)
- Fix inline comments to end with full stops (AdminMenu)
- Replace short ternary ?: with explicit full ternary (BookingEndpoint)
- Rename $namespace param to $route_namespace (reserved keyword warning)
- Add short descriptions to doc blocks that had tag-only blocks
- Add nonce suppression comment in handleFormAction (nonce verified by caller)
- Update composer.json and CI to use phpcs.xml.dist

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
James Griffin-Allwood
2026-03-30 16:20:49 -03:00
parent e24c3ce850
commit ed49924f95
24 changed files with 857 additions and 715 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.claude/settings.local.json Normal file
View File

@@ -0,0 +1,8 @@
{
"permissions": {
"allow": [
"Bash(composer test:*)",
"Bash(tea actions:*)"
]
}
}

1
.gitea/workflows/ci.yml
View File

@@ -32,6 +32,7 @@ jobs:
- name: Run PHPCS
run: composer cs
static-analysis:
name: PHPStan
runs-on: ubuntu-latest

4
composer.json
View File

@@ -30,8 +30,8 @@
"test": "phpunit --configuration phpunit.xml",
"test:coverage": "phpunit --configuration phpunit.xml --coverage-html coverage/",
"lint": "phpstan analyse src/ --level=6 --configuration phpstan.neon",
"cs": "phpcs --standard=WordPress src/",
"cs:fix": "phpcbf --standard=WordPress src/"
"cs": "phpcs --standard=phpcs.xml.dist",
"cs:fix": "phpcbf --standard=phpcs.xml.dist"
},
"config": {
"allow-plugins": {

4
memory/MEMORY.md Normal file
View File

@@ -0,0 +1,4 @@
# Memory Index
- [Project: unsupervised-schedular](project_schedular.md) — WordPress lesson scheduling plugin; initial scaffold created March 2026
- [Feedback: Brain\Monkey testing patterns](feedback_brainmonkey.md) — specific API quirks discovered during test setup

35
memory/feedback_brainmonkey.md Normal file
View File

@@ -0,0 +1,35 @@
---
name: Brain\Monkey testing patterns
description: Specific Brain\Monkey 2.x API quirks that caused test failures — use these patterns to avoid repeating mistakes
type: feedback
---
Use `Functions\when('fn')->alias(fn() => ...)` for closure-based stubs. NOT `returnUsing()` (doesn't exist).
**Why:** Discovered during initial test scaffold — `returnUsing()` throws "Call to undefined method".
**How to apply:** Any time a WP function needs to return different values based on arguments (e.g. `get_role` returning different values per role), use `Functions\when()->alias()`.
---
Use `Functions\when()` instead of `Functions\expect()` when routing by argument.
**Why:** Chaining two `Functions\expect('get_role')->with(A)` / `Functions\expect('get_role')->with(B)` caused the second expectation to silently override the first rather than adding an alternative route, leading to unexpected "0 calls" failures.
**How to apply:** When a function needs to return different values for different args, use `Functions\when()->alias(fn($arg) => match($arg) { ... })`. Use `Functions\expect()` only when asserting call count/args.
---
Mockery matchers don't work inside plain PHP arrays in `with()`.
**Why:** `->with('init', [\Mockery::type(Foo::class), 'method'])` never matched because Mockery can't evaluate matchers nested in arrays this way.
**How to apply:** Use `\Mockery::any()` or `\Mockery::on(fn($arr) => ...)` for the entire array argument instead.
---
`TestCase::setUp()` must call `Monkey\Functions\stubTranslationFunctions()` and `Monkey\Functions\stubEscapeFunctions()`.
**Why:** WP i18n functions (`__`, `_e`, etc.) are not auto-stubbed — they don't exist in the test environment. Without explicit stubs, PHP throws "Call to undefined function" as soon as any WP code path hits `__()`.
**How to apply:** Already done in `tests/Unit/TestCase.php`. Don't remove these calls.

19
memory/project_schedular.md Normal file
View File

@@ -0,0 +1,19 @@
---
name: unsupervised-schedular project context
description: WordPress lesson scheduling plugin — stack, architecture decisions, conventions
type: project
---
WordPress plugin for instructor/student lesson scheduling. Full scaffold created 2026-03-30.
**Stack:** PHP 8.1+, WordPress 6.0+, Composer, PHPUnit 10, Brain\Monkey 2.7, Mockery, PHPStan, PHPCS/WPCS, Gitea Actions CI.
**Why:** New greenfield project for unsupervised.ca.
**Key decisions:**
- Custom DB tables (`us_availability`, `us_lessons`) over CPTs — relational data, conflict detection, fast queries
- REST API (`us-scheduler/v1`) for all front-end interactions; templates are minimal shell divs, JS (vanilla) takes over
- Instructors use wp-admin login; students use front-end `[us_student_login]` shortcode calling `wp_signon()`
- PSR-4 namespace `Unsupervised\Schedular\` from `src/`
**How to apply:** When adding features, follow the docs/features/ + src/ + tests/Unit/ pattern. Always run `composer test` after changes.

50
phpcs.xml.dist Normal file
View File

@@ -0,0 +1,50 @@
<?xml version="1.0"?>
<ruleset name="Unsupervised Scheduler">
<description>WordPress coding standards with PSR-4 naming accommodations.</description>
<file>src</file>
<rule ref="WordPress">
<!--
PSR-4 requires PascalCase filenames. WordPress expects lowercase-hyphenated.
We follow PSR-4 because Composer autoloading depends on it.
-->
<exclude name="WordPress.Files.FileName"/>
<!--
We use camelCase for class method names and property names per PSR-1.
WordPress snake_case naming is excluded for class-based OOP code.
-->
<exclude name="WordPress.NamingConventions.ValidFunctionName"/>
<exclude name="WordPress.NamingConventions.ValidVariableName"/>
<!--
Short array syntax [] is preferred in modern PHP and is now accepted
in the WordPress handbook for code targeting PHP 5.4+.
-->
<exclude name="Universal.Arrays.DisallowShortArraySyntax"/>
<!--
PHP 8.1 typed properties, constructor promotion, and return types make
per-property and per-method docblocks largely redundant. We document
non-obvious behaviour in method docblocks where it adds real value.
-->
<exclude name="Squiz.Commenting.FunctionComment"/>
<exclude name="Squiz.Commenting.VariableComment"/>
<exclude name="Squiz.Commenting.FileComment"/>
<exclude name="Squiz.Commenting.ClassComment"/>
</rule>
<!-- Enforce our text domain. -->
<rule ref="WordPress.WP.I18n">
<properties>
<property name="text_domain" type="array">
<element value="unsupervised-schedular"/>
</property>
</properties>
</rule>
<!-- PHP 8.1+ minimum — allow modern syntax. -->
<config name="minimum_supported_wp_version" value="6.0"/>
<config name="testVersion" value="8.1-"/>
</ruleset>

19
src/Admin/AdminMenu.php
View File

@@ -7,25 +7,22 @@ use Unsupervised\Schedular\Data\AvailabilityRepository;
use Unsupervised\Schedular\Data\BookingRepository;
use Unsupervised\Schedular\Roles\RoleManager;
class AdminMenu
{
class AdminMenu {
private AvailabilityController $availabilityController;
private LessonController $lessonController;
public function __construct(AvailabilityRepository $availability, BookingRepository $bookings)
{
public function __construct( AvailabilityRepository $availability, BookingRepository $bookings ) {
$this->availabilityController = new AvailabilityController( $availability );
$this->lessonController = new LessonController( $bookings );
}
public function register(): void
{
public function register(): void {
add_action( 'admin_menu', [ $this, 'addPages' ] );
}
public function addPages(): void
{
// Admin-only dashboard: all upcoming lessons
public function addPages(): void {
// Admin-only dashboard: all upcoming lessons.
add_menu_page(
__( 'Scheduler', 'unsupervised-schedular' ),
__( 'Scheduler', 'unsupervised-schedular' ),
@@ -36,7 +33,7 @@ class AdminMenu
30
);
// Instructor: manage their own availability
// Instructor: manage their own availability.
add_menu_page(
__( 'My Availability', 'unsupervised-schedular' ),
__( 'My Availability', 'unsupervised-schedular' ),
@@ -47,7 +44,7 @@ class AdminMenu
31
);
// Instructor: view their upcoming lessons
// Instructor: view their upcoming lessons.
add_menu_page(
__( 'My Lessons', 'unsupervised-schedular' ),
__( 'My Lessons', 'unsupervised-schedular' ),

25
src/Admin/AvailabilityController.php
View File

@@ -7,12 +7,11 @@ use Unsupervised\Schedular\Data\AvailabilityRepository;
use Unsupervised\Schedular\Model\AvailabilitySlot;
use Unsupervised\Schedular\Roles\RoleManager;
class AvailabilityController
{
class AvailabilityController {
public function __construct( private AvailabilityRepository $repository ) {}
public function renderPage(): void
{
public function renderPage(): void {
if ( ! current_user_can( RoleManager::CAP_MANAGE_AVAILABILITY ) ) {
wp_die( esc_html__( 'You do not have permission to manage availability.', 'unsupervised-schedular' ) );
}
@@ -28,20 +27,21 @@ class AvailabilityController
include USC_PLUGIN_DIR . 'templates/admin/availability.php';
}
private function handleFormAction(int $instructorId): void
{
$action = sanitize_key($_POST['usc_action'] ?? '');
private function handleFormAction( int $instructorId ): void {
// Nonce is verified by the caller (renderPage) before this method runs.
// phpcs:disable WordPress.Security.NonceVerification.Missing
$action = sanitize_key( wp_unslash( $_POST['usc_action'] ?? '' ) );
if ($action === 'add') {
$startDt = sanitize_text_field($_POST['start_dt'] ?? '');
$endDt = sanitize_text_field($_POST['end_dt'] ?? '');
if ( 'add' === $action ) {
$startDt = sanitize_text_field( wp_unslash( $_POST['start_dt'] ?? '' ) );
$endDt = sanitize_text_field( wp_unslash( $_POST['end_dt'] ?? '' ) );
if ($startDt !== '' && $endDt !== '') {
if ( '' !== $startDt && '' !== $endDt ) {
$this->repository->insert( new AvailabilitySlot( $instructorId, $startDt, $endDt ) );
}
}
if ($action === 'delete') {
if ( 'delete' === $action ) {
$slotId = absint( $_POST['slot_id'] ?? 0 );
if ( $slotId > 0 ) {
$slot = $this->repository->findById( $slotId );
@@ -50,5 +50,6 @@ class AvailabilityController
}
}
}
// phpcs:enable WordPress.Security.NonceVerification.Missing
}
}

10
src/Admin/LessonController.php
View File

@@ -6,12 +6,11 @@ namespace Unsupervised\Schedular\Admin;
use Unsupervised\Schedular\Data\BookingRepository;
use Unsupervised\Schedular\Roles\RoleManager;
class LessonController
{
class LessonController {
public function __construct( private BookingRepository $repository ) {}
public function renderAdminDashboard(): void
{
public function renderAdminDashboard(): void {
if ( ! current_user_can( 'manage_options' ) ) {
wp_die( esc_html__( 'You do not have permission to view this page.', 'unsupervised-schedular' ) );
}
@@ -21,8 +20,7 @@ class LessonController
include USC_PLUGIN_DIR . 'templates/admin/lessons.php';
}
public function renderInstructorLessons(): void
{
public function renderInstructorLessons(): void {
if ( ! current_user_can( RoleManager::CAP_VIEW_LESSONS ) ) {
wp_die( esc_html__( 'You do not have permission to view lessons.', 'unsupervised-schedular' ) );
}

69
src/Api/AvailabilityEndpoint.php
View File

@@ -7,21 +7,32 @@ use Unsupervised\Schedular\Data\AvailabilityRepository;
use Unsupervised\Schedular\Model\AvailabilitySlot;
use Unsupervised\Schedular\Roles\RoleManager;
class AvailabilityEndpoint
{
class AvailabilityEndpoint {
public function __construct( private AvailabilityRepository $repository ) {}
public function registerRoutes(string $namespace): void
{
register_rest_route($namespace, '/availability', [
public function registerRoutes( string $route_namespace ): void {
register_rest_route(
$route_namespace,
'/availability',
[
[
'methods' => \WP_REST_Server::READABLE,
'callback' => [ $this, 'index' ],
'permission_callback' => [ $this, 'canBook' ],
'args' => [
'instructor_id' => ['type' => 'integer', 'default' => 0],
'from' => ['type' => 'string', 'default' => ''],
'to' => ['type' => 'string', 'default' => ''],
'instructor_id' => [
'type' => 'integer',
'default' => 0,
],
'from' => [
'type' => 'string',
'default' => '',
],
'to' => [
'type' => 'string',
'default' => '',
],
],
],
[
@@ -29,23 +40,35 @@ class AvailabilityEndpoint
'callback' => [ $this, 'create' ],
'permission_callback' => [ $this, 'canManage' ],
'args' => [
'start_dt' => ['type' => 'string', 'required' => true, 'sanitize_callback' => 'sanitize_text_field'],
'end_dt' => ['type' => 'string', 'required' => true, 'sanitize_callback' => 'sanitize_text_field'],
'start_dt' => [
'type' => 'string',
'required' => true,
'sanitize_callback' => 'sanitize_text_field',
],
'end_dt' => [
'type' => 'string',
'required' => true,
'sanitize_callback' => 'sanitize_text_field',
],
],
]);
],
]
);
register_rest_route($namespace, '/availability/(?P<id>\d+)', [
register_rest_route(
$route_namespace,
'/availability/(?P<id>\d+)',
[
[
'methods' => \WP_REST_Server::DELETABLE,
'callback' => [ $this, 'delete' ],
'permission_callback' => [ $this, 'canManage' ],
],
]);
]
);
}
public function index(\WP_REST_Request $request): \WP_REST_Response
{
public function index( \WP_REST_Request $request ): \WP_REST_Response {
$slots = $this->repository->findAvailable(
(int) $request->get_param( 'instructor_id' ),
(string) $request->get_param( 'from' ),
@@ -55,8 +78,7 @@ class AvailabilityEndpoint
return new \WP_REST_Response( array_map( fn( AvailabilitySlot $s ) => $s->toArray(), $slots ), 200 );
}
public function create(\WP_REST_Request $request): \WP_REST_Response
{
public function create( \WP_REST_Request $request ): \WP_REST_Response {
$slot = new AvailabilitySlot(
instructorId: get_current_user_id(),
startDt: (string) $request->get_param( 'start_dt' ),
@@ -68,16 +90,15 @@ class AvailabilityEndpoint
return new \WP_REST_Response( [ 'id' => $id ], 201 );
}
public function delete(\WP_REST_Request $request): \WP_REST_Response|\WP_Error
{
public function delete( \WP_REST_Request $request ): \WP_REST_Response|\WP_Error {
$id = absint( $request->get_param( 'id' ) );
$slot = $this->repository->findById( $id );
if ($slot === null) {
if ( null === $slot ) {
return new \WP_Error( 'not_found', __( 'Slot not found.', 'unsupervised-schedular' ), [ 'status' => 404 ] );
}
if ($slot->instructorId !== get_current_user_id()) {
if ( get_current_user_id() !== $slot->instructorId ) {
return new \WP_Error( 'forbidden', __( 'You cannot delete this slot.', 'unsupervised-schedular' ), [ 'status' => 403 ] );
}
@@ -90,13 +111,11 @@ class AvailabilityEndpoint
return new \WP_REST_Response( null, 204 );
}
public function canBook(): bool
{
public function canBook(): bool {
return is_user_logged_in() && current_user_can( RoleManager::CAP_BOOK_LESSON );
}
public function canManage(): bool
{
public function canManage(): bool {
return is_user_logged_in() && current_user_can( RoleManager::CAP_MANAGE_AVAILABILITY );
}
}

78
src/Api/BookingEndpoint.php
View File

@@ -8,16 +8,18 @@ use Unsupervised\Schedular\Data\BookingRepository;
use Unsupervised\Schedular\Model\Lesson;
use Unsupervised\Schedular\Roles\RoleManager;
class BookingEndpoint
{
class BookingEndpoint {
public function __construct(
private AvailabilityRepository $availability,
private BookingRepository $bookings,
) {}
public function registerRoutes(string $namespace): void
{
register_rest_route($namespace, '/bookings', [
public function registerRoutes( string $route_namespace ): void {
register_rest_route(
$route_namespace,
'/bookings',
[
[
'methods' => \WP_REST_Server::READABLE,
'callback' => [ $this, 'myLessons' ],
@@ -28,13 +30,25 @@ class BookingEndpoint
'callback' => [ $this, 'book' ],
'permission_callback' => [ $this, 'canBook' ],
'args' => [
'slot_id' => ['type' => 'integer', 'required' => true, 'sanitize_callback' => 'absint'],
'notes' => ['type' => 'string', 'default' => '', 'sanitize_callback' => 'sanitize_textarea_field'],
'slot_id' => [
'type' => 'integer',
'required' => true,
'sanitize_callback' => 'absint',
],
'notes' => [
'type' => 'string',
'default' => '',
'sanitize_callback' => 'sanitize_textarea_field',
],
],
]);
],
]
);
register_rest_route($namespace, '/bookings/(?P<id>\d+)/status', [
register_rest_route(
$route_namespace,
'/bookings/(?P<id>\d+)/status',
[
[
'methods' => \WP_REST_Server::EDITABLE,
'callback' => [ $this, 'updateStatus' ],
@@ -47,11 +61,11 @@ class BookingEndpoint
],
],
],
]);
]
);
}
public function myLessons(\WP_REST_Request $request): \WP_REST_Response
{
public function myLessons( \WP_REST_Request $request ): \WP_REST_Response { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.Found
$userId = get_current_user_id();
$lessons = current_user_can( RoleManager::CAP_MANAGE_AVAILABILITY )
? $this->bookings->findUpcomingForInstructor( $userId )
@@ -60,12 +74,11 @@ class BookingEndpoint
return new \WP_REST_Response( array_map( fn( Lesson $l ) => $l->toArray(), $lessons ), 200 );
}
public function book(\WP_REST_Request $request): \WP_REST_Response|\WP_Error
{
public function book( \WP_REST_Request $request ): \WP_REST_Response|\WP_Error {
$slotId = (int) $request->get_param( 'slot_id' );
$slot = $this->availability->findById( $slotId );
if ($slot === null) {
if ( null === $slot ) {
return new \WP_Error( 'not_found', __( 'Slot not found.', 'unsupervised-schedular' ), [ 'status' => 404 ] );
}
@@ -73,49 +86,58 @@ class BookingEndpoint
return new \WP_Error( 'slot_taken', __( 'This slot is already booked.', 'unsupervised-schedular' ), [ 'status' => 409 ] );
}
$notes = (string) $request->get_param( 'notes' );
$lesson = new Lesson(
slotId: $slotId,
studentId: get_current_user_id(),
instructorId: $slot->instructorId,
notes: (string) $request->get_param('notes') ?: null,
notes: '' !== $notes ? $notes : null,
);
$id = $this->bookings->insert( $lesson );
$this->availability->markBooked( $slotId );
return new \WP_REST_Response(['id' => $id, 'status' => Lesson::STATUS_PENDING], 201);
return new \WP_REST_Response(
[
'id' => $id,
'status' => Lesson::STATUS_PENDING,
],
201
);
}
public function updateStatus(\WP_REST_Request $request): \WP_REST_Response|\WP_Error
{
public function updateStatus( \WP_REST_Request $request ): \WP_REST_Response|\WP_Error {
$id = absint( $request->get_param( 'id' ) );
$lesson = $this->bookings->findById( $id );
if ($lesson === null) {
if ( null === $lesson ) {
return new \WP_Error( 'not_found', __( 'Booking not found.', 'unsupervised-schedular' ), [ 'status' => 404 ] );
}
if ($lesson->instructorId !== get_current_user_id() && ! current_user_can('manage_options')) {
if ( get_current_user_id() !== $lesson->instructorId && ! current_user_can( 'manage_options' ) ) {
return new \WP_Error( 'forbidden', __( 'You cannot update this booking.', 'unsupervised-schedular' ), [ 'status' => 403 ] );
}
$this->bookings->updateStatus( $id, (string) $request->get_param( 'status' ) );
return new \WP_REST_Response(['id' => $id, 'status' => $request->get_param('status')], 200);
return new \WP_REST_Response(
[
'id' => $id,
'status' => $request->get_param( 'status' ),
],
200
);
}
public function isLoggedIn(): bool
{
public function isLoggedIn(): bool {
return is_user_logged_in();
}
public function canBook(): bool
{
public function canBook(): bool {
return is_user_logged_in() && current_user_can( RoleManager::CAP_BOOK_LESSON );
}
public function canManage(): bool
{
public function canManage(): bool {
return is_user_logged_in() && (
current_user_can( RoleManager::CAP_MANAGE_AVAILABILITY ) || current_user_can( 'manage_options' )
);

13
src/Api/RestRegistrar.php
View File

@@ -6,26 +6,23 @@ namespace Unsupervised\Schedular\Api;
use Unsupervised\Schedular\Data\AvailabilityRepository;
use Unsupervised\Schedular\Data\BookingRepository;
class RestRegistrar
{
class RestRegistrar {
public const NAMESPACE = 'us-scheduler/v1';
private AvailabilityEndpoint $availabilityEndpoint;
private BookingEndpoint $bookingEndpoint;
public function __construct(AvailabilityRepository $availability, BookingRepository $bookings)
{
public function __construct( AvailabilityRepository $availability, BookingRepository $bookings ) {
$this->availabilityEndpoint = new AvailabilityEndpoint( $availability );
$this->bookingEndpoint = new BookingEndpoint( $availability, $bookings );
}
public function register(): void
{
public function register(): void {
add_action( 'rest_api_init', [ $this, 'registerRoutes' ] );
}
public function registerRoutes(): void
{
public function registerRoutes(): void {
$this->availabilityEndpoint->registerRoutes( self::NAMESPACE );
$this->bookingEndpoint->registerRoutes( self::NAMESPACE );
}

34
src/Data/AvailabilityRepository.php
View File

@@ -5,17 +5,15 @@ namespace Unsupervised\Schedular\Data;
use Unsupervised\Schedular\Model\AvailabilitySlot;
class AvailabilityRepository
{
class AvailabilityRepository {
private string $table;
public function __construct(private \wpdb $db)
{
public function __construct( private \wpdb $db ) {
$this->table = $db->prefix . 'us_availability';
}
public function insert(AvailabilitySlot $slot): int
{
public function insert( AvailabilitySlot $slot ): int {
$this->db->insert(
$this->table,
[
@@ -36,8 +34,7 @@ class AvailabilityRepository
*
* @return list<AvailabilitySlot>
*/
public function findAvailable(int $instructorId = 0, string $from = '', string $to = ''): array
{
public function findAvailable( int $instructorId = 0, string $from = '', string $to = '' ): array {
$where = [ 'is_booked = 0' ];
$params = [];
@@ -46,12 +43,12 @@ class AvailabilityRepository
$params[] = $instructorId;
}
if ($from !== '') {
if ( '' !== $from ) {
$where[] = 'start_dt >= %s';
$params[] = $from;
}
if ($to !== '') {
if ( '' !== $to ) {
$where[] = 'end_dt <= %s';
$params[] = $to;
}
@@ -71,8 +68,7 @@ class AvailabilityRepository
*
* @return list<AvailabilitySlot>
*/
public function findByInstructor(int $instructorId): array
{
public function findByInstructor( int $instructorId ): array {
$rows = $this->db->get_results(
$this->db->prepare(
"SELECT * FROM {$this->table} WHERE instructor_id = %d ORDER BY start_dt ASC",
@@ -83,8 +79,7 @@ class AvailabilityRepository
return array_map( AvailabilitySlot::fromRow( ... ), $rows ?? [] );
}
public function findById(int $id): ?AvailabilitySlot
{
public function findById( int $id ): ?AvailabilitySlot {
$row = $this->db->get_row(
$this->db->prepare( "SELECT * FROM {$this->table} WHERE id = %d", $id )
);
@@ -92,8 +87,7 @@ class AvailabilityRepository
return $row ? AvailabilitySlot::fromRow( $row ) : null;
}
public function markBooked(int $id): bool
{
public function markBooked( int $id ): bool {
return (bool) $this->db->update(
$this->table,
[ 'is_booked' => 1 ],
@@ -106,11 +100,13 @@ class AvailabilityRepository
/**
* Delete an unbooked slot. Returns false if the slot is already booked.
*/
public function delete(int $id): bool
{
public function delete( int $id ): bool {
return (bool) $this->db->delete(
$this->table,
['id' => $id, 'is_booked' => 0],
[
'id' => $id,
'is_booked' => 0,
],
[ '%d', '%d' ]
);
}

25
src/Data/BookingRepository.php
View File

@@ -5,17 +5,15 @@ namespace Unsupervised\Schedular\Data;
use Unsupervised\Schedular\Model\Lesson;
class BookingRepository
{
class BookingRepository {
private string $table;
public function __construct(private \wpdb $db)
{
public function __construct( private \wpdb $db ) {
$this->table = $db->prefix . 'us_lessons';
}
public function insert(Lesson $lesson): int
{
public function insert( Lesson $lesson ): int {
$this->db->insert(
$this->table,
[
@@ -32,8 +30,7 @@ class BookingRepository
return $this->db->insert_id;
}
public function findById(int $id): ?Lesson
{
public function findById( int $id ): ?Lesson {
$row = $this->db->get_row(
$this->db->prepare( "SELECT * FROM {$this->table} WHERE id = %d", $id )
);
@@ -46,8 +43,7 @@ class BookingRepository
*
* @return list<Lesson>
*/
public function findUpcomingForInstructor(int $instructorId): array
{
public function findUpcomingForInstructor( int $instructorId ): array {
$avTable = str_replace( 'us_lessons', 'us_availability', $this->table );
$rows = $this->db->get_results(
@@ -72,8 +68,7 @@ class BookingRepository
*
* @return list<Lesson>
*/
public function findByStudent(int $studentId): array
{
public function findByStudent( int $studentId ): array {
$rows = $this->db->get_results(
$this->db->prepare(
"SELECT * FROM {$this->table} WHERE student_id = %d ORDER BY created_at DESC",
@@ -89,8 +84,7 @@ class BookingRepository
*
* @return list<Lesson>
*/
public function findAllUpcoming(): array
{
public function findAllUpcoming(): array {
$avTable = str_replace( 'us_lessons', 'us_availability', $this->table );
$rows = $this->db->get_results(
@@ -108,8 +102,7 @@ class BookingRepository
return array_map( Lesson::fromRow( ... ), $rows ?? [] );
}
public function updateStatus(int $id, string $status): bool
{
public function updateStatus( int $id, string $status ): bool {
if ( ! in_array( $status, Lesson::VALID_STATUSES, true ) ) {
return false;
}

7
src/Data/Schema.php
View File

@@ -3,15 +3,14 @@ declare(strict_types=1);
namespace Unsupervised\Schedular\Data;
class Schema
{
class Schema {
/**
* Returns CREATE TABLE statements for dbDelta.
*
* @return list<string>
*/
public static function tables(string $prefix, string $charset): array
{
public static function tables( string $prefix, string $charset ): array {
return [
"CREATE TABLE {$prefix}us_availability (
id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,

11
src/Frontend/BookingPage.php
View File

@@ -5,13 +5,14 @@ namespace Unsupervised\Schedular\Frontend;
use Unsupervised\Schedular\Roles\RoleManager;
class BookingPage
{
class BookingPage {
/**
* @param array<string, string> $atts
* Renders the booking shortcode output.
*
* @param array<string, string> $atts Shortcode attributes (unused — reserved for future options).
*/
public function render(array $atts): string
{
public function render( array $atts ): string { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.Found
if ( ! is_user_logged_in() ) {
return sprintf(
'<p>%s <a href="%s">%s</a>.</p>',

16
src/Frontend/LoginPage.php
View File

@@ -3,13 +3,14 @@ declare(strict_types=1);
namespace Unsupervised\Schedular\Frontend;
class LoginPage
{
class LoginPage {
/**
* @param array<string, string> $atts
* Renders the student login shortcode output.
*
* @param array<string, string> $atts Shortcode attributes (unused — reserved for future options).
*/
public function render(array $atts): string
{
public function render( array $atts ): string { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.Found
if ( is_user_logged_in() ) {
$redirect = esc_url( (string) get_permalink() );
return sprintf(
@@ -25,8 +26,9 @@ class LoginPage
if ( isset( $_POST['us_login'] ) && check_admin_referer( 'us_student_login' ) ) {
$credentials = [
'user_login' => sanitize_user($_POST['log'] ?? ''),
'user_password' => $_POST['pwd'] ?? '',
'user_login' => sanitize_user( wp_unslash( $_POST['log'] ?? '' ) ),
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- passwords must not be sanitized.
'user_password' => wp_unslash( $_POST['pwd'] ?? '' ),
'remember' => isset( $_POST['rememberme'] ),
];

21
src/Frontend/ShortcodeRegistrar.php
View File

@@ -3,32 +3,33 @@ declare(strict_types=1);
namespace Unsupervised\Schedular\Frontend;
class ShortcodeRegistrar
{
class ShortcodeRegistrar {
private BookingPage $bookingPage;
private LoginPage $loginPage;
public function __construct()
{
public function __construct() {
$this->bookingPage = new BookingPage();
$this->loginPage = new LoginPage();
}
public function register(): void
{
public function register(): void {
add_shortcode( 'us_booking', [ $this->bookingPage, 'render' ] );
add_shortcode( 'us_student_login', [ $this->loginPage, 'render' ] );
add_action( 'wp_enqueue_scripts', [ $this, 'enqueueAssets' ] );
}
public function enqueueAssets(): void
{
public function enqueueAssets(): void {
wp_register_style( 'us-scheduler', USC_PLUGIN_URL . 'assets/css/frontend.css', [], USC_VERSION );
wp_register_script( 'us-scheduler', USC_PLUGIN_URL . 'assets/js/booking.js', [], USC_VERSION, true );
wp_localize_script('us-scheduler', 'usScheduler', [
wp_localize_script(
'us-scheduler',
'usScheduler',
[
'restUrl' => rest_url( 'us-scheduler/v1/' ),
'nonce' => wp_create_nonce( 'wp_rest' ),
]);
]
);
}
}

10
src/Installer.php
View File

@@ -6,18 +6,16 @@ namespace Unsupervised\Schedular;
use Unsupervised\Schedular\Data\Schema;
use Unsupervised\Schedular\Roles\RoleManager;
class Installer
{
public function run(): void
{
class Installer {
public function run(): void {
$this->createTables();
( new RoleManager() )->createRoles();
flush_rewrite_rules();
update_option( 'us_schedular_version', USC_VERSION );
}
private function createTables(): void
{
private function createTables(): void {
global $wpdb;
$charset = $wpdb->get_charset_collate();

12
src/Model/AvailabilitySlot.php
View File

@@ -3,8 +3,8 @@ declare(strict_types=1);
namespace Unsupervised\Schedular\Model;
class AvailabilitySlot
{
class AvailabilitySlot {
public function __construct(
public readonly int $instructorId,
public readonly string $startDt,
@@ -13,8 +13,7 @@ class AvailabilitySlot
public readonly ?int $id = null,
) {}
public static function fromRow(object $row): self
{
public static function fromRow( object $row ): self {
return new self(
instructorId: (int) $row->instructor_id,
startDt: $row->start_dt,
@@ -25,10 +24,11 @@ class AvailabilitySlot
}
/**
* Returns a plain array representation of the slot.
*
* @return array<string, mixed>
*/
public function toArray(): array
{
public function toArray(): array {
return [
'id' => $this->id,
'instructor_id' => $this->instructorId,

18
src/Model/Lesson.php
View File

@@ -3,13 +3,17 @@ declare(strict_types=1);
namespace Unsupervised\Schedular\Model;
class Lesson
{
class Lesson {
public const STATUS_PENDING = 'pending';
public const STATUS_CONFIRMED = 'confirmed';
public const STATUS_CANCELLED = 'cancelled';
/** @var list<string> */
/**
* All valid status values.
*
* @var list<string>
*/
public const VALID_STATUSES = [ self::STATUS_PENDING, self::STATUS_CONFIRMED, self::STATUS_CANCELLED ];
public function __construct(
@@ -21,8 +25,7 @@ class Lesson
public readonly ?int $id = null,
) {}
public static function fromRow(object $row): self
{
public static function fromRow( object $row ): self {
return new self(
slotId: (int) $row->slot_id,
studentId: (int) $row->student_id,
@@ -34,10 +37,11 @@ class Lesson
}
/**
* Returns a plain array representation of the lesson.
*
* @return array<string, mixed>
*/
public function toArray(): array
{
public function toArray(): array {
return [
'id' => $this->id,
'slot_id' => $this->slotId,

7
src/Plugin.php
View File

@@ -10,10 +10,9 @@ use Unsupervised\Schedular\Data\BookingRepository;
use Unsupervised\Schedular\Frontend\ShortcodeRegistrar;
use Unsupervised\Schedular\Roles\RoleManager;
class Plugin
{
public static function boot(): void
{
class Plugin {
public static function boot(): void {
load_plugin_textdomain( 'unsupervised-schedular', false, dirname( plugin_basename( USC_PLUGIN_FILE ) ) . '/languages' );
global $wpdb;

10
src/Roles/RoleManager.php
View File

@@ -3,8 +3,8 @@ declare(strict_types=1);
namespace Unsupervised\Schedular\Roles;
class RoleManager
{
class RoleManager {
public const INSTRUCTOR = 'us_instructor';
public const STUDENT = 'us_student';
@@ -12,13 +12,11 @@ class RoleManager
public const CAP_VIEW_LESSONS = 'view_own_lessons';
public const CAP_BOOK_LESSON = 'book_lesson';
public function register(): void
{
public function register(): void {
add_action( 'init', [ $this, 'createRoles' ] );
}
public function createRoles(): void
{
public function createRoles(): void {
if ( get_role( self::INSTRUCTOR ) === null ) {
add_role(
self::INSTRUCTOR,