From 4d0116e640c930da4f481647779a29f76995b5ec Mon Sep 17 00:00:00 2001 From: kawsarahmedr Date: Tue, 17 Sep 2024 14:45:26 +0600 Subject: [PATCH 1/5] Update user capability to restrict options --- examples/api-test.txt | 2 +- includes/Admin/Requests.php | 16 ++++++++-------- src/Admin/ListTables/ActivationsTable.php | 2 +- src/Admin/ListTables/KeysTable.php | 2 +- src/Admin/Menus.php | 14 +++++++------- src/Admin/Notices.php | 4 ++-- src/functions.php | 2 +- 7 files changed, 21 insertions(+), 21 deletions(-) diff --git a/examples/api-test.txt b/examples/api-test.txt index 680db184..f77150fc 100644 --- a/examples/api-test.txt +++ b/examples/api-test.txt @@ -1,7 +1,7 @@ add_notice( __( 'You do not have permission to perform this action.', 'wc-serial-numbers' ), 'error' ); wp_safe_redirect( wp_get_referer() ); exit; @@ -95,8 +95,8 @@ public static function handle_edit_key() { public static function search_product() { check_ajax_referer( 'wc_serial_numbers_search_nonce', 'nonce' ); - // Must have manage options user capability role to access this endpoint. - if ( ! current_user_can( 'manage_options' ) ) { + // Must have manage woocommerce user capability role to access this endpoint. + if ( ! current_user_can( 'manage_woocommerce' ) ) { // phpcs:ignore WordPress.WP.Capabilities.Unknown wp_send_json_error( array( 'message' => esc_html__( 'You do not have permission to access this endpoint.', 'wc-serial-numbers' ) ) ); wp_die(); } 
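Review bot: The capability check in `search_product()` hard-codes `'manage_woocommerce'`, while this same commit keeps the filterable helper `wcsn_get_manager_role()` in src/functions.php and only changes its default. A site that tightens access through the `wc_serial_numbers_manager_role` filter would still have this endpoint gated by the literal capability, so enforcement can drift from the configured one. Assuming the helper is loaded wherever these handlers run, `if ( ! current_user_can( wcsn_get_manager_role() ) ) {` keeps a single source of truth. The same applies to `search_orders()`, `search_customers()`, both `process_bulk_actions()` methods, the capability arguments of the menu registrations in Menus.php, and `dismiss_notice()`. The function body continues outside the hunk.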
@@ -158,8 +158,8 @@ public static function search_product() {
 public static function search_orders() {
 check_ajax_referer( 'wc_serial_numbers_search_nonce', 'nonce' );
- // Must have manage options user capability role to access this endpoint.
- if ( ! current_user_can( 'manage_options' ) ) {
+ // Must have manage woocommerce user capability role to access this endpoint.
+ if ( ! current_user_can( 'manage_woocommerce' ) ) { // phpcs:ignore WordPress.WP.Capabilities.Unknown
 wp_send_json_error( array( 'message' => esc_html__( 'You do not have permission to access this endpoint.', 'wc-serial-numbers' ) ) );
 wp_die();
 }
@@ -233,8 +233,8 @@ public static function search_orders() {
 public static function search_customers() {
 check_ajax_referer( 'wc_serial_numbers_search_nonce', 'nonce' );
- // Must have manage options user capability role to access this endpoint.
- if ( ! current_user_can( 'manage_options' ) ) {
+ // Must have manage woocommerce user capability role to access this endpoint.
+ if ( ! current_user_can( 'manage_woocommerce' ) ) { // phpcs:ignore WordPress.WP.Capabilities.Unknown
 wp_send_json_error( array( 'message' => esc_html__( 'You do not have permission to access this endpoint.', 'wc-serial-numbers' ) ) );
 wp_die();
 }
diff --git a/src/Admin/ListTables/ActivationsTable.php b/src/Admin/ListTables/ActivationsTable.php
index 450277cf..eeb078f4 100644
--- a/src/Admin/ListTables/ActivationsTable.php
+++ b/src/Admin/ListTables/ActivationsTable.php
@@ -123,7 +123,7 @@ protected function extra_tablenav( $which ) {
 * @since 1.4.6
 */
 public function process_bulk_actions( $doaction ) {
- if ( $doaction && check_ajax_referer( 'bulk-activations' ) && current_user_can( 'manage_options' ) ) {
+ if ( $doaction && check_ajax_referer( 'bulk-activations' ) && current_user_can( 'manage_woocommerce' ) ) { // phpcs:ignore WordPress.WP.Capabilities.Unknown
 if ( isset( $_REQUEST['id'] ) ) {
 $ids = wp_parse_id_list( wp_unslash( $_REQUEST['id'] ) );
 } elseif ( isset( $_REQUEST['ids'] ) ) {
diff --git a/src/Admin/ListTables/KeysTable.php b/src/Admin/ListTables/KeysTable.php
index f66d48e3..ccadb2e2 100644
--- a/src/Admin/ListTables/KeysTable.php
+++ b/src/Admin/ListTables/KeysTable.php
@@ -292,7 +292,7 @@ protected function extra_tablenav( $which ) {
 * @since 1.4.6
 */
 public function process_bulk_actions( $doaction ) {
- if ( $doaction && check_ajax_referer( 'bulk-' . $this->_args['plural'] ) && current_user_can( 'manage_options' ) ) {
+ if ( $doaction && check_ajax_referer( 'bulk-' . $this->_args['plural'] ) && current_user_can( 'manage_woocommerce' ) ) { // phpcs:ignore WordPress.WP.Capabilities.Unknown
 if ( wp_unslash( isset( $_REQUEST['id'] ) ) ) {
 $ids = wp_parse_id_list( wp_unslash( $_REQUEST['id'] ) );
 } elseif ( isset( $_REQUEST['ids'] ) ) {
diff --git a/src/Admin/Menus.php b/src/Admin/Menus.php
index 81fd5d8d..f9d3455c 100644
--- a/src/Admin/Menus.php
+++ b/src/Admin/Menus.php
@@ -87,7 +87,7 @@ public function main_menu() {
 add_menu_page(
 __( 'Serial Numbers', 'wc-serial-numbers' ),
 __( 'Serial Numbers', 'wc-serial-numbers' ),
- 'manage_options',
+ 'manage_woocommerce', // phpcs:ignore WordPress.WP.Capabilities.Unknown
 'wc-serial-numbers',
 null,
 'dashicons-lock',
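Review bot: In `ActivationsTable::process_bulk_actions()` the nonce is verified with `check_ajax_referer( 'bulk-activations' )`, although this looks like a list-table form submission rather than an AJAX request, where `check_admin_referer( 'bulk-activations' )` is the usual call. Because `check_ajax_referer()` ends the request on a bad nonce by default, its result inside the `&&` chain is never false, so the only outcome the condition actually decides is the capability check, and a user who fails it falls through silently. A separate guard ahead of the `$_REQUEST` handling, such as `if ( ! current_user_can( 'manage_woocommerce' ) ) { wp_die(); }`, would make the denial explicit. The same condition appears in `KeysTable::process_bulk_actions()`. Both method bodies continue outside their hunks, so what runs after the `if` is not visible here.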
@@ -98,7 +98,7 @@ public function main_menu() {
 'wc-serial-numbers',
 __( 'Serial Keys', 'wc-serial-numbers' ),
 __( 'Serial Keys', 'wc-serial-numbers' ),
- 'manage_options',
+ 'manage_woocommerce', // phpcs:ignore WordPress.WP.Capabilities.Unknown
 'wc-serial-numbers',
 array( $this, 'output_main_page' )
 );
@@ -118,7 +118,7 @@ public function activations_menu() {
 'wc-serial-numbers',
 __( 'Activations', 'wc-serial-numbers' ),
 __( 'Activations', 'wc-serial-numbers' ),
- 'manage_options',
+ 'manage_woocommerce', // phpcs:ignore WordPress.WP.Capabilities.Unknown
 'wc-serial-numbers-activations',
 array( $this, 'output_activations_page' )
 );
@@ -135,7 +135,7 @@ public function tools_menu() {
 'wc-serial-numbers',
 __( 'Tools', 'wc-serial-numbers' ),
 __( 'Tools', 'wc-serial-numbers' ),
- 'manage_options',
+ 'manage_woocommerce', // phpcs:ignore WordPress.WP.Capabilities.Unknown
 'wc-serial-numbers-tools',
 array( $this, 'output_tools_page' )
 );
@@ -152,7 +152,7 @@ public function reports_menu() {
 'wc-serial-numbers',
 __( 'Reports', 'wc-serial-numbers' ),
 __( 'Reports', 'wc-serial-numbers' ),
- 'manage_options',
+ 'manage_woocommerce', // phpcs:ignore WordPress.WP.Capabilities.Unknown
 'wc-serial-numbers-reports',
 array( $this, 'output_reports_page' )
 );
@@ -169,7 +169,7 @@ public function settings_menu() {
 'wc-serial-numbers',
 __( 'Settings', 'wc-serial-numbers' ),
 __( 'Settings', 'wc-serial-numbers' ),
- 'manage_options',
+ 'manage_woocommerce', // phpcs:ignore WordPress.WP.Capabilities.Unknown
 'wc-serial-numbers-settings',
 array( Settings::class, 'output' )
 );
@@ -187,7 +187,7 @@ public function promo_menu() {
 'wc-serial-numbers',
 '',
 ' ' . __( 'Upgrade to Pro', 'wc-serial-numbers' ) . '',
- 'manage_options',
+ 'manage_woocommerce', // phpcs:ignore WordPress.WP.Capabilities.Unknown
 'go_wcsn_pro',
 array( $this, 'go_pro_redirect' )
 );
diff --git a/src/Admin/Notices.php b/src/Admin/Notices.php
index 62a10e5f..a93b4f40 100644
--- a/src/Admin/Notices.php
+++ b/src/Admin/Notices.php
@@ -113,8 +113,8 @@ public function output_notices() { public function dismiss_notice() { check_ajax_referer( 'wc_serial_numbers_dismiss_notice', 'nonce' ); - // Must have manage options user capability role to access this endpoint. - if ( ! current_user_can( 'manage_options' ) ) { + // Must have manage woocommerce user capability role to access this endpoint. + if ( ! current_user_can( 'manage_woocommerce' ) ) { // phpcs:ignore WordPress.WP.Capabilities.Unknown wp_die(); } diff --git a/src/functions.php b/src/functions.php index c78e9a81..9f807365 100644 --- a/src/functions.php +++ b/src/functions.php @@ -21,7 +21,7 @@ * @return string */ function wcsn_get_manager_role() { - return apply_filters( 'wc_serial_numbers_manager_role', 'manage_options' ); + return apply_filters( 'wc_serial_numbers_manager_role', 'manage_woocommerce' ); } /** From c209f352906536ad53757736b366197a0af7534d Mon Sep 17 00:00:00 2001 From: kawsarahmedr Date: Tue, 17 Sep 2024 15:03:57 +0600 Subject: [PATCH 2/5] Fix #436 --- src/Admin/views/html-edit-key.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Admin/views/html-edit-key.php b/src/Admin/views/html-edit-key.php index e018c16a..47da7852 100644 --- a/src/Admin/views/html-edit-key.php +++ b/src/Admin/views/html-edit-key.php @@ -103,7 +103,7 @@ - %s', From 62c5b731aaa21b4179a9637dca9654671e3cc402 Mon Sep 17 00:00:00 2001 From: kawsarahmedr Date: Tue, 17 Sep 2024 15:06:53 +0600 Subject: [PATCH 3/5] Fix #440 --- wc-serial-numbers.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wc-serial-numbers.php b/wc-serial-numbers.php index 4f8db3bb..c9293caa 100644 --- a/wc-serial-numbers.php +++ b/wc-serial-numbers.php 
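Review bot: `wcsn_get_manager_role()` returns a capability rather than a role, and its docblock (only `@return string` is visible, and it starts above the hunk) does not record that the default is now `manage_woocommerce`. In a default WooCommerce install that capability is also granted to the Shop Manager role, so everything gated through this helper, presumably including access to stored serial keys, becomes reachable by more accounts than under `manage_options`. I would state that in the docblock, e.g. `@return string Capability required to manage serial numbers; defaults to 'manage_woocommerce', filterable via 'wc_serial_numbers_manager_role'.`. A changelog entry would also let sites that want administrator-only access restore it through the filter.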
@@ -3,7 +3,7 @@
 * Plugin Name: WC Serial Numbers
 * Plugin URI: https://pluginever.com/plugins/wocommerce-serial-numbers-pro/
 * Description: Sell and manage license keys/ serial numbers/ secret keys easily within your WooCommerce store.
- * Version: 2.0.3
+ * Version: 2.0.4
 * Requires at least: 5.0
 * Requires PHP: 7.4
 * Author: PluginEver
@@ -14,7 +14,7 @@
 * Domain Path: /languages
 * Tested up to: 6.6
 * WC requires at least: 5.0
- * WC tested up to: 9.2
+ * WC tested up to: 9.3
 *
 * @package WooCommerceSerialNumbers
 *
From 62b168b383bd9f55c66454adbe75a41b09837061 Mon Sep 17 00:00:00 2001
From: kawsarahmedr
Date: Tue, 17 Sep 2024 15:11:36 +0600
Subject: [PATCH 4/5] Update readme & composer
---
 package.json | 2 +-
 readme.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package.json b/package.json
index ab9b35ad..5e0cab86 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
 "name": "wc-serial-numbers",
 "title": "WC Serial Numbers",
- "version": "2.0.3",
+ "version": "2.0.4",
 "description": "Sell and manage license keys/ serial numbers/ secret keys easily within your WooCommerce store.",
 "homepage": "https://pluginever.com/plugins/woocommerce-serial-numbers-pro/",
 "license": "GPL v2 or later",
diff --git a/readme.txt b/readme.txt
index cc9f712c..17cdc2db 100644
--- a/readme.txt
+++ b/readme.txt
@@ -4,7 +4,7 @@ Tags: license, license manager, serial number, serial key, woocommerce
 Requires at least: 5.0
 Tested up to: 6.6
 Requires PHP: 7.4
-Stable tag: 2.0.3
+Stable tag: 2.0.4
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
From 796675d1fab73ac26d9c7e37240c5c3253d06a8b Mon Sep 17 00:00:00 2001
From: kawsarahmedr
Date: Tue, 17 Sep 2024 15:13:16 +0600
Subject: [PATCH 5/5] Update pot file
---
 languages/wc-serial-numbers.pot | 4 ++--
 package-lock.json | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/languages/wc-serial-numbers.pot b/languages/wc-serial-numbers.pot index d3d6e6eb..808dcc23 100644 --- a/languages/wc-serial-numbers.pot +++ b/languages/wc-serial-numbers.pot @@ -2,9 +2,9 @@ # This file is distributed under the GPL v2 or later. msgid "" msgstr "" -"Project-Id-Version: WC Serial Numbers 2.0.3\n" +"Project-Id-Version: WC Serial Numbers 2.0.4\n" "Report-Msgid-Bugs-To: https://pluginever.com/support\n" -"POT-Creation-Date: 2024-09-12 10:07:53+00:00\n" +"POT-Creation-Date: 2024-09-17 09:13:02+00:00\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" diff --git a/package-lock.json b/package-lock.json index 1152c8a4..5c0896fd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "wc-serial-numbers", - "version": "2.0.3", + "version": "2.0.4", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "wc-serial-numbers", - "version": "2.0.3", + "version": "2.0.4", "license": "GPL v2 or later", "devDependencies": { "@lodder/time-grunt": "^4.0.0",