Merge pull request #1426 from sapayth/fix/admin_bar_access_not_working

fix: Admin Bar Visibility and Access
weDevsOfficial · Feb 5, 2024 · e43cc0c · e43cc0c
2 parents 1130bcf + 315cc99
commit e43cc0c
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 0 deletions.
diff --git a/includes/Admin.php b/includes/Admin.php
@@ -39,6 +39,9 @@ public function __construct() {
         // enqueue common scripts that will load throughout WordPress dashboard. notice, what's new etc.
         add_action( 'admin_enqueue_scripts', [ $this, 'enqueue_common_scripts' ] );
         add_action( 'admin_enqueue_scripts', [ $this, 'enqueue_cpt_page_scripts' ] );
+
+        // block admin access as per wpuf settings
+        add_action( 'admin_init', [ $this, 'block_admin_access' ] );
     }
 
     /**
@@ -130,4 +133,27 @@ public function enqueue_cpt_page_scripts( $hook_suffix ) {
             }
         }
     }
+
+    /**
+     * Block user access to admin panel for specific roles
+     *
+     * @global string $pagenow
+     */
+    public function block_admin_access() {
+        global $pagenow;
+
+        // bail out if we are from WP Cli
+        if ( defined( 'WP_CLI' ) ) {
+            return;
+        }
+
+        $access_level = wpuf_get_option( 'admin_access', 'wpuf_general', 'read' );
+        $valid_pages  = [ 'admin-ajax.php', 'admin-post.php', 'async-upload.php', 'media-upload.php' ];
+
+        if ( ! current_user_can( $access_level ) && ! in_array( $pagenow, $valid_pages ) ) {
+            // wp_die( __( 'Access Denied. Your site administrator has blocked your access to the WordPress back-office.', 'wpuf' ) );
+            wp_redirect( home_url() );
+            exit;
+        }
+    }
 }
diff --git a/includes/Frontend.php b/includes/Frontend.php
@@ -25,6 +25,9 @@ public function __construct() {
         $this->form_preview       = new Frontend\Form_Preview();
 
         add_action( 'wp_enqueue_scripts', [ $this, 'enqueue_scripts' ] );
+
+        // show admin bar as per wpuf settings
+        add_filter( 'show_admin_bar', [ $this, 'show_admin_bar' ] );
     }
 
     /**
@@ -159,4 +162,31 @@ private function dokan_is_seller_dashboard() {
                 && dokan_is_seller_dashboard()
                 && ! empty( $wp->query_vars['posts'] );
     }
+
+
+
+    /**
+     * Show/hide admin bar to the permitted user level
+     *
+     * @since 2.2.3
+     *
+     * @return bool
+     */
+    public function show_admin_bar( $val ) {
+        if ( ! is_user_logged_in() ) {
+            return false;
+        }
+
+        $roles        = wpuf_get_option( 'show_admin_bar', 'wpuf_general', [ 'administrator', 'editor', 'author', 'contributor', 'subscriber' ] );
+        $roles        = $roles && is_string( $roles ) ? [ strtolower( $roles ) ] : $roles;
+        $current_user = wp_get_current_user();
+
+        if ( ! empty( $current_user->roles ) && ! empty( $current_user->roles[0] ) ) {
+            if ( ! in_array( $current_user->roles[0], $roles ) ) {
+                return false;
+            }
+        }
+
+        return $val;
+    }
 }