[Improved] Capability check for Admin Bar

See: plausible#204
mustafauysal · Jul 22, 2024 · 6d728e0 · 6d728e0
1 parent 567c7f3
commit 6d728e0
Showing 1 changed file with 25 additions and 8 deletions.
diff --git a/src/Actions.php b/src/Actions.php
@@ -120,7 +120,23 @@ public function admin_bar_node( $admin_bar ) {
 			return; // @codeCoverageIgnore
 		}
 
-		if ( ! current_user_can( 'manage_options' ) ) {
+		$settings = Helpers::get_settings();
+		$current_user = wp_get_current_user();
+
+		$has_access             = false;
+		$user_roles_have_access = array_merge(
+			[ 'administrator' ],
+			$settings['expand_dashboard_access'] ?? []
+		);
+
+		foreach ( $current_user->roles as $role ) {
+			if ( in_array( $role, $user_roles_have_access, true ) ) {
+				$has_access = true;
+				break;
+			}
+		}
+
+		if ( ! $has_access ) {
 			return;
 		}
 
@@ -130,7 +146,6 @@ public function admin_bar_node( $admin_bar ) {
 			'title' => 'Plausible Analytics',
 		];
 
-		$settings = Helpers::get_settings();
 
 		if ( ! empty( $settings[ 'enable_analytics_dashboard' ] ) ||
 			( ! empty( $settings[ 'self_hosted_domain' ] ) && ! empty( $settings[ 'self_hosted_shared_link' ] ) ) ) {
@@ -160,12 +175,14 @@ public function admin_bar_node( $admin_bar ) {
 		}
 
 		// Add link to Plausible Settings page.
-		$args[] = [
-			'id'     => 'settings',
-			'title'  => esc_html__( 'Settings', 'plausible-analytics' ),
-			'href'   => admin_url( 'options-general.php?page=plausible_analytics' ),
-			'parent' => 'plausible-analytics',
-		];
+		if ( current_user_can( 'manage_options' ) ) {
+			$args[] = [
+				'id'     => 'settings',
+				'title'  => esc_html__( 'Settings', 'plausible-analytics' ),
+				'href'   => admin_url( 'options-general.php?page=plausible_analytics' ),
+				'parent' => 'plausible-analytics',
+			];
+		}
 
 		foreach ( $args as $arg ) {
 			$admin_bar->add_node( $arg );