From 6d728e029ec53edd2a942fefe79d6ccf79bd6d56 Mon Sep 17 00:00:00 2001 From: mustafauysal Date: Mon, 22 Jul 2024 23:56:35 +0300 Subject: [PATCH] [Improved] Capability check for Admin Bar See: https://github.com/plausible/wordpress/issues/204 --- src/Actions.php | 33 +++++++++++++++++++++++++-------- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/src/Actions.php b/src/Actions.php index 4dd94923..a29f688e 100644 --- a/src/Actions.php +++ b/src/Actions.php @@ -120,7 +120,23 @@ public function admin_bar_node( $admin_bar ) { return; // @codeCoverageIgnore } - if ( ! current_user_can( 'manage_options' ) ) { + $settings = Helpers::get_settings(); + $current_user = wp_get_current_user(); + + $has_access = false; + $user_roles_have_access = array_merge( + [ 'administrator' ], + $settings['expand_dashboard_access'] ?? [] + ); + + foreach ( $current_user->roles as $role ) { + if ( in_array( $role, $user_roles_have_access, true ) ) { + $has_access = true; + break; + } + } + + if ( ! $has_access ) { return; } @@ -130,7 +146,6 @@ public function admin_bar_node( $admin_bar ) { 'title' => 'Plausible Analytics', ]; - $settings = Helpers::get_settings(); if ( ! empty( $settings[ 'enable_analytics_dashboard' ] ) || ( ! empty( $settings[ 'self_hosted_domain' ] ) && ! empty( $settings[ 'self_hosted_shared_link' ] ) ) ) { @@ -160,12 +175,14 @@ public function admin_bar_node( $admin_bar ) { } // Add link to Plausible Settings page. - $args[] = [ - 'id' => 'settings', - 'title' => esc_html__( 'Settings', 'plausible-analytics' ), - 'href' => admin_url( 'options-general.php?page=plausible_analytics' ), - 'parent' => 'plausible-analytics', - ]; + if ( current_user_can( 'manage_options' ) ) { + $args[] = [ + 'id' => 'settings', + 'title' => esc_html__( 'Settings', 'plausible-analytics' ), + 'href' => admin_url( 'options-general.php?page=plausible_analytics' ), + 'parent' => 'plausible-analytics', + ]; + } foreach ( $args as $arg ) { $admin_bar->add_node( $arg );