diff --git a/composer.json b/composer.json index 47c38087..31f0f532 100644 --- a/composer.json +++ b/composer.json @@ -1,7 +1,7 @@ { "name": "pluginever/wc-serial-numbers", "description": "WC Serial Numbers", - "homepage": "https://pluginever.com/plugins/wc-serial-numbers/", + "homepage": "https://pluginever.com/plugins/woocommerce-serial-numbers-pro/", "type": "wordpress-plugin", "license": "GPL-v2 or later", "prefer-stable": true, diff --git a/composer.lock b/composer.lock index adba2fe8..99ccec97 100644 --- a/composer.lock +++ b/composer.lock @@ -1223,20 +1223,20 @@ }, { "name": "symfony/polyfill-ctype", - "version": "v1.30.0", + "version": "v1.31.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-ctype.git", - "reference": "0424dff1c58f028c451efff2045f5d92410bd540" + "reference": "a3cc8b044a6ea513310cbd48ef7333b384945638" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/0424dff1c58f028c451efff2045f5d92410bd540", - "reference": "0424dff1c58f028c451efff2045f5d92410bd540", + "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/a3cc8b044a6ea513310cbd48ef7333b384945638", + "reference": "a3cc8b044a6ea513310cbd48ef7333b384945638", "shasum": "" }, "require": { - "php": ">=7.1" + "php": ">=7.2" }, "provide": { "ext-ctype": "*" @@ -1282,7 +1282,7 @@ "portable" ], "support": { - "source": "https://github.com/symfony/polyfill-ctype/tree/v1.30.0" + "source": "https://github.com/symfony/polyfill-ctype/tree/v1.31.0" }, "funding": [ { @@ -1298,24 +1298,24 @@ "type": "tidelift" } ], - "time": "2024-05-31T15:07:36+00:00" + "time": "2024-09-09T11:45:10+00:00" }, { "name": "symfony/polyfill-intl-grapheme", - "version": "v1.30.0", + "version": "v1.31.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-intl-grapheme.git", - "reference": "64647a7c30b2283f5d49b874d84a18fc22054b7a" + "reference": "b9123926e3b7bc2f98c02ad54f6a4b02b91a8abe" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-intl-grapheme/zipball/64647a7c30b2283f5d49b874d84a18fc22054b7a", - "reference": "64647a7c30b2283f5d49b874d84a18fc22054b7a", + "url": "https://api.github.com/repos/symfony/polyfill-intl-grapheme/zipball/b9123926e3b7bc2f98c02ad54f6a4b02b91a8abe", + "reference": "b9123926e3b7bc2f98c02ad54f6a4b02b91a8abe", "shasum": "" }, "require": { - "php": ">=7.1" + "php": ">=7.2" }, "suggest": { "ext-intl": "For best performance" @@ -1360,7 +1360,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-intl-grapheme/tree/v1.30.0" + "source": "https://github.com/symfony/polyfill-intl-grapheme/tree/v1.31.0" }, "funding": [ { @@ -1376,24 +1376,24 @@ "type": "tidelift" } ], - "time": "2024-05-31T15:07:36+00:00" + "time": "2024-09-09T11:45:10+00:00" }, { "name": "symfony/polyfill-intl-normalizer", - "version": "v1.30.0", + "version": "v1.31.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-intl-normalizer.git", - "reference": "a95281b0be0d9ab48050ebd988b967875cdb9fdb" + "reference": "3833d7255cc303546435cb650316bff708a1c75c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-intl-normalizer/zipball/a95281b0be0d9ab48050ebd988b967875cdb9fdb", - "reference": "a95281b0be0d9ab48050ebd988b967875cdb9fdb", + "url": "https://api.github.com/repos/symfony/polyfill-intl-normalizer/zipball/3833d7255cc303546435cb650316bff708a1c75c", + "reference": "3833d7255cc303546435cb650316bff708a1c75c", "shasum": "" }, "require": { - "php": ">=7.1" + "php": ">=7.2" }, "suggest": { "ext-intl": "For best performance" @@ -1441,7 +1441,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.30.0" + "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.31.0" }, "funding": [ { @@ -1457,24 +1457,24 @@ "type": "tidelift" } ], - "time": "2024-05-31T15:07:36+00:00" + "time": "2024-09-09T11:45:10+00:00" }, { "name": "symfony/polyfill-mbstring", - "version": "v1.30.0", + "version": "v1.31.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-mbstring.git", - "reference": "fd22ab50000ef01661e2a31d850ebaa297f8e03c" + "reference": "85181ba99b2345b0ef10ce42ecac37612d9fd341" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/fd22ab50000ef01661e2a31d850ebaa297f8e03c", - "reference": "fd22ab50000ef01661e2a31d850ebaa297f8e03c", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/85181ba99b2345b0ef10ce42ecac37612d9fd341", + "reference": "85181ba99b2345b0ef10ce42ecac37612d9fd341", "shasum": "" }, "require": { - "php": ">=7.1" + "php": ">=7.2" }, "provide": { "ext-mbstring": "*" @@ -1521,7 +1521,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.30.0" + "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.31.0" }, "funding": [ { @@ -1537,24 +1537,24 @@ "type": "tidelift" } ], - "time": "2024-06-19T12:30:46+00:00" + "time": "2024-09-09T11:45:10+00:00" }, { "name": "symfony/polyfill-php73", - "version": "v1.30.0", + "version": "v1.31.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php73.git", - "reference": "ec444d3f3f6505bb28d11afa41e75faadebc10a1" + "reference": "0f68c03565dcaaf25a890667542e8bd75fe7e5bb" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/ec444d3f3f6505bb28d11afa41e75faadebc10a1", - "reference": "ec444d3f3f6505bb28d11afa41e75faadebc10a1", + "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/0f68c03565dcaaf25a890667542e8bd75fe7e5bb", + "reference": "0f68c03565dcaaf25a890667542e8bd75fe7e5bb", "shasum": "" }, "require": { - "php": ">=7.1" + "php": ">=7.2" }, "type": "library", "extra": { @@ -1597,7 +1597,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php73/tree/v1.30.0" + "source": "https://github.com/symfony/polyfill-php73/tree/v1.31.0" }, "funding": [ { @@ -1613,24 +1613,24 @@ "type": "tidelift" } ], - "time": "2024-05-31T15:07:36+00:00" + "time": "2024-09-09T11:45:10+00:00" }, { "name": "symfony/polyfill-php80", - "version": "v1.30.0", + "version": "v1.31.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php80.git", - "reference": "77fa7995ac1b21ab60769b7323d600a991a90433" + "reference": "60328e362d4c2c802a54fcbf04f9d3fb892b4cf8" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/77fa7995ac1b21ab60769b7323d600a991a90433", - "reference": "77fa7995ac1b21ab60769b7323d600a991a90433", + "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/60328e362d4c2c802a54fcbf04f9d3fb892b4cf8", + "reference": "60328e362d4c2c802a54fcbf04f9d3fb892b4cf8", "shasum": "" }, "require": { - "php": ">=7.1" + "php": ">=7.2" }, "type": "library", "extra": { @@ -1677,7 +1677,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php80/tree/v1.30.0" + "source": "https://github.com/symfony/polyfill-php80/tree/v1.31.0" }, "funding": [ { @@ -1693,7 +1693,7 @@ "type": "tidelift" } ], - "time": "2024-05-31T15:07:36+00:00" + "time": "2024-09-09T11:45:10+00:00" }, { "name": "symfony/service-contracts", diff --git a/includes/Admin/Products.php b/includes/Admin/Products.php index eb919a2e..33c99b99 100644 --- a/includes/Admin/Products.php +++ b/includes/Admin/Products.php @@ -226,8 +226,9 @@ public static function product_save_data() { return; } - // Must have WC Serial Numbers manager role to access this endpoint. - if ( ! current_user_can( wcsn_get_manager_role() ) ) { + // Must have edit_post user capability to save this data. + if ( ! current_user_can( 'edit_post', $post->ID ) ) { + WCSN()->add_notice( __( 'You do not have permission to save this data.', 'wc-serial-numbers' ), 'error' ); return; } diff --git a/includes/Admin/Requests.php b/includes/Admin/Requests.php index 78938fe2..0f334afa 100644 --- a/includes/Admin/Requests.php +++ b/includes/Admin/Requests.php @@ -37,8 +37,8 @@ public function __construct() { public static function handle_edit_key() { check_admin_referer( 'wcsn_edit_key' ); - // Must have WC Serial Numbers manager role to access this endpoint. - if ( ! current_user_can( wcsn_get_manager_role() ) ) { + // Must have manage options user capability role to access this endpoint. + if ( ! current_user_can( 'manage_options' ) ) { WCSN()->add_notice( __( 'You do not have permission to perform this action.', 'wc-serial-numbers' ), 'error' ); wp_safe_redirect( wp_get_referer() ); exit; @@ -95,8 +95,8 @@ public static function handle_edit_key() { public static function search_product() { check_ajax_referer( 'wc_serial_numbers_search_nonce', 'nonce' ); - // Must have WC Serial Numbers manager role to access this endpoint. - if ( ! current_user_can( wcsn_get_manager_role() ) ) { + // Must have manage options user capability role to access this endpoint. + if ( ! current_user_can( 'manage_options' ) ) { wp_send_json_error( array( 'message' => esc_html__( 'You do not have permission to access this endpoint.', 'wc-serial-numbers' ) ) ); wp_die(); } @@ -158,8 +158,8 @@ public static function search_product() { public static function search_orders() { check_ajax_referer( 'wc_serial_numbers_search_nonce', 'nonce' ); - // Must have WC Serial Numbers manager role to access this endpoint. - if ( ! current_user_can( wcsn_get_manager_role() ) ) { + // Must have manage options user capability role to access this endpoint. + if ( ! current_user_can( 'manage_options' ) ) { wp_send_json_error( array( 'message' => esc_html__( 'You do not have permission to access this endpoint.', 'wc-serial-numbers' ) ) ); wp_die(); } @@ -233,8 +233,8 @@ public static function search_orders() { public static function search_customers() { check_ajax_referer( 'wc_serial_numbers_search_nonce', 'nonce' ); - // Must have WC Serial Numbers manager role to access this endpoint. - if ( ! current_user_can( wcsn_get_manager_role() ) ) { + // Must have manage options user capability role to access this endpoint. + if ( ! current_user_can( 'manage_options' ) ) { wp_send_json_error( array( 'message' => esc_html__( 'You do not have permission to access this endpoint.', 'wc-serial-numbers' ) ) ); wp_die(); } diff --git a/languages/wc-serial-numbers.pot b/languages/wc-serial-numbers.pot index 74b5846d..d3d6e6eb 100644 --- a/languages/wc-serial-numbers.pot +++ b/languages/wc-serial-numbers.pot @@ -2,9 +2,9 @@ # This file is distributed under the GPL v2 or later. msgid "" msgstr "" -"Project-Id-Version: WC Serial Numbers 2.0.2\n" +"Project-Id-Version: WC Serial Numbers 2.0.3\n" "Report-Msgid-Bugs-To: https://pluginever.com/support\n" -"POT-Creation-Date: 2024-09-01 09:28:58+00:00\n" +"POT-Creation-Date: 2024-09-12 10:07:53+00:00\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" @@ -83,7 +83,7 @@ msgid "Unlimited" msgstr "" #: includes/Admin/Orders.php:245 src/Admin/ListTables/KeysTable.php:360 -#: src/Admin/Menus.php:322 src/Admin/views/html-edit-key.php:92 +#: src/Admin/Menus.php:320 src/Admin/views/html-edit-key.php:92 #: src/Functions/Template.php:78 src/functions.php:1034 msgid "Status" msgstr "" @@ -93,9 +93,9 @@ msgstr "" msgid "View Details" msgstr "" -#: includes/Admin/Products.php:92 includes/Admin/Products.php:314 -#: src/Admin/Admin.php:141 src/Admin/Menus.php:54 src/Admin/Menus.php:89 -#: src/Admin/Menus.php:90 src/Admin/Menus.php:435 +#: includes/Admin/Products.php:92 includes/Admin/Products.php:315 +#: src/Admin/Admin.php:141 src/Admin/Menus.php:54 src/Admin/Menus.php:88 +#: src/Admin/Menus.php:89 src/Admin/Menus.php:433 #: src/Functions/Template.php:226 msgid "Serial Numbers" msgstr "" @@ -143,7 +143,7 @@ msgid "Want to sell keys for variable products?" msgstr "" #: includes/Admin/Products.php:193 includes/Admin/Products.php:214 -#: src/Admin/Menus.php:191 +#: src/Admin/Menus.php:189 msgid "Upgrade to Pro" msgstr "" @@ -153,7 +153,11 @@ msgid "" "variation." msgstr "" -#: includes/Admin/Products.php:296 +#: includes/Admin/Products.php:231 +msgid "You do not have permission to save this data." +msgstr "" + +#: includes/Admin/Products.php:297 msgid "Order missing serial numbers for this item." msgstr "" @@ -208,7 +212,7 @@ msgstr "" msgid "More Plugins" msgstr "" -#: lib/Lib/Plugin.php:692 src/Admin/Menus.php:171 src/Admin/Menus.php:172 +#: lib/Lib/Plugin.php:692 src/Admin/Menus.php:170 src/Admin/Menus.php:171 msgid "Settings" msgstr "" @@ -289,8 +293,8 @@ msgstr "" msgid "Activation" msgstr "" -#: src/Admin/ListTables/ActivationsTable.php:40 src/Admin/Menus.php:120 -#: src/Admin/Menus.php:121 src/Admin/views/html-list-activations.php:18 +#: src/Admin/ListTables/ActivationsTable.php:40 src/Admin/Menus.php:119 +#: src/Admin/Menus.php:120 src/Admin/views/html-list-activations.php:18 msgid "Activations" msgstr "" @@ -494,7 +498,7 @@ msgstr "" msgid "Source" msgstr "" -#: src/Admin/ListTables/StockTable.php:98 src/Admin/Menus.php:282 +#: src/Admin/ListTables/StockTable.php:98 src/Admin/Menus.php:280 msgid "Stock" msgstr "" @@ -514,75 +518,75 @@ msgstr "" msgid "Unknown" msgstr "" -#: src/Admin/Menus.php:100 src/Admin/Menus.php:101 +#: src/Admin/Menus.php:99 src/Admin/Menus.php:100 #: src/Admin/views/html-list-keys.php:18 msgid "Serial Keys" msgstr "" -#: src/Admin/Menus.php:137 src/Admin/Menus.php:138 +#: src/Admin/Menus.php:136 src/Admin/Menus.php:137 msgid "Tools" msgstr "" -#: src/Admin/Menus.php:154 src/Admin/Menus.php:155 +#: src/Admin/Menus.php:153 src/Admin/Menus.php:154 msgid "Reports" msgstr "" -#: src/Admin/Menus.php:247 src/Admin/Menus.php:383 +#: src/Admin/Menus.php:245 src/Admin/Menus.php:381 msgid "Generators" msgstr "" -#: src/Admin/Menus.php:248 +#: src/Admin/Menus.php:246 msgid "API Toolkit" msgstr "" -#: src/Admin/Menus.php:249 src/Admin/views/html-list-keys.php:25 +#: src/Admin/Menus.php:247 src/Admin/views/html-list-keys.php:25 msgid "Import" msgstr "" -#: src/Admin/Menus.php:250 src/Admin/views/html-list-keys.php:29 +#: src/Admin/Menus.php:248 src/Admin/views/html-list-keys.php:29 msgid "Export" msgstr "" -#: src/Admin/Menus.php:337 src/Admin/Menus.php:344 src/Admin/Menus.php:362 -#: src/Admin/Menus.php:380 +#: src/Admin/Menus.php:335 src/Admin/Menus.php:342 src/Admin/Menus.php:360 +#: src/Admin/Menus.php:378 msgid "Available in Pro Version" msgstr "" -#: src/Admin/Menus.php:338 src/Admin/Menus.php:345 src/Admin/Menus.php:363 -#: src/Admin/Menus.php:381 +#: src/Admin/Menus.php:336 src/Admin/Menus.php:343 src/Admin/Menus.php:361 +#: src/Admin/Menus.php:379 msgid "Upgrade to Pro Now" msgstr "" -#: src/Admin/Menus.php:340 src/Admin/Menus.php:347 +#: src/Admin/Menus.php:338 src/Admin/Menus.php:345 msgid "Import Serial Numbers" msgstr "" -#: src/Admin/Menus.php:365 +#: src/Admin/Menus.php:363 msgid "Export Serial Numbers" msgstr "" -#: src/Admin/Menus.php:410 +#: src/Admin/Menus.php:408 msgid "Table exists" msgstr "" -#: src/Admin/Menus.php:412 +#: src/Admin/Menus.php:410 msgid "Table does not exist" msgstr "" -#: src/Admin/Menus.php:418 +#: src/Admin/Menus.php:416 msgid "Hourly cron" msgstr "" -#: src/Admin/Menus.php:419 +#: src/Admin/Menus.php:417 msgid "Daily cron" msgstr "" -#: src/Admin/Menus.php:425 +#: src/Admin/Menus.php:423 #. translators: %s: Next scheduled time. msgid "Next run: %s" msgstr "" -#: src/Admin/Menus.php:427 +#: src/Admin/Menus.php:425 msgid "Not scheduled" msgstr "" diff --git a/package-lock.json b/package-lock.json index cc4f5b20..1152c8a4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "wc-serial-numbers", - "version": "2.0.2", + "version": "2.0.3", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "wc-serial-numbers", - "version": "2.0.2", + "version": "2.0.3", "license": "GPL v2 or later", "devDependencies": { "@lodder/time-grunt": "^4.0.0", diff --git a/package.json b/package.json index 7dad79d5..ab9b35ad 100644 --- a/package.json +++ b/package.json @@ -1,9 +1,9 @@ { "name": "wc-serial-numbers", "title": "WC Serial Numbers", - "version": "2.0.2", + "version": "2.0.3", "description": "Sell and manage license keys/ serial numbers/ secret keys easily within your WooCommerce store.", - "homepage": "https://pluginever.com/plugins/wc-serial-numbers/", + "homepage": "https://pluginever.com/plugins/woocommerce-serial-numbers-pro/", "license": "GPL v2 or later", "prettier": "@wordpress/prettier-config", "scripts": { diff --git a/readme.txt b/readme.txt index def25522..cc9f712c 100644 --- a/readme.txt +++ b/readme.txt @@ -4,7 +4,7 @@ Tags: license, license manager, serial number, serial key, woocommerce Requires at least: 5.0 Tested up to: 6.6 Requires PHP: 7.4 -Stable tag: 2.0.2 +Stable tag: 2.0.3 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html @@ -251,6 +251,9 @@ Yes, you are always welcome to [provide suggestions](https://github.com/pluginev 9. Thank You Page with Keys == Changelog == += 2.0.3 (12 Sep 2024) = +* Fix: Security issue. + = 2.0.2 (01 Sep 2024) = * Fix: Few known issues. diff --git a/src/Admin/ListTables/ActivationsTable.php b/src/Admin/ListTables/ActivationsTable.php index 6fa0d673..450277cf 100644 --- a/src/Admin/ListTables/ActivationsTable.php +++ b/src/Admin/ListTables/ActivationsTable.php @@ -123,7 +123,7 @@ protected function extra_tablenav( $which ) { * @since 1.4.6 */ public function process_bulk_actions( $doaction ) { - if ( $doaction && check_ajax_referer( 'bulk-activations' ) && current_user_can( wcsn_get_manager_role() ) ) { + if ( $doaction && check_ajax_referer( 'bulk-activations' ) && current_user_can( 'manage_options' ) ) { if ( isset( $_REQUEST['id'] ) ) { $ids = wp_parse_id_list( wp_unslash( $_REQUEST['id'] ) ); } elseif ( isset( $_REQUEST['ids'] ) ) { diff --git a/src/Admin/ListTables/KeysTable.php b/src/Admin/ListTables/KeysTable.php index 9ab8eaac..f66d48e3 100644 --- a/src/Admin/ListTables/KeysTable.php +++ b/src/Admin/ListTables/KeysTable.php @@ -292,7 +292,7 @@ protected function extra_tablenav( $which ) { * @since 1.4.6 */ public function process_bulk_actions( $doaction ) { - if ( $doaction && check_ajax_referer( 'bulk-' . $this->_args['plural'] ) && current_user_can( wcsn_get_manager_role() ) ) { + if ( $doaction && check_ajax_referer( 'bulk-' . $this->_args['plural'] ) && current_user_can( 'manage_options' ) ) { if ( wp_unslash( isset( $_REQUEST['id'] ) ) ) { $ids = wp_parse_id_list( wp_unslash( $_REQUEST['id'] ) ); } elseif ( isset( $_REQUEST['ids'] ) ) { diff --git a/src/Admin/Menus.php b/src/Admin/Menus.php index 34ea6582..81fd5d8d 100644 --- a/src/Admin/Menus.php +++ b/src/Admin/Menus.php @@ -84,11 +84,10 @@ public function save_screen_options( $status, $option, $value ) { * @return void */ public function main_menu() { - $role = wcsn_get_manager_role(); add_menu_page( __( 'Serial Numbers', 'wc-serial-numbers' ), __( 'Serial Numbers', 'wc-serial-numbers' ), - $role, + 'manage_options', 'wc-serial-numbers', null, 'dashicons-lock', @@ -99,7 +98,7 @@ public function main_menu() { 'wc-serial-numbers', __( 'Serial Keys', 'wc-serial-numbers' ), __( 'Serial Keys', 'wc-serial-numbers' ), - $role, + 'manage_options', 'wc-serial-numbers', array( $this, 'output_main_page' ) ); @@ -119,7 +118,7 @@ public function activations_menu() { 'wc-serial-numbers', __( 'Activations', 'wc-serial-numbers' ), __( 'Activations', 'wc-serial-numbers' ), - wcsn_get_manager_role(), + 'manage_options', 'wc-serial-numbers-activations', array( $this, 'output_activations_page' ) ); @@ -136,7 +135,7 @@ public function tools_menu() { 'wc-serial-numbers', __( 'Tools', 'wc-serial-numbers' ), __( 'Tools', 'wc-serial-numbers' ), - wcsn_get_manager_role(), + 'manage_options', 'wc-serial-numbers-tools', array( $this, 'output_tools_page' ) ); @@ -153,7 +152,7 @@ public function reports_menu() { 'wc-serial-numbers', __( 'Reports', 'wc-serial-numbers' ), __( 'Reports', 'wc-serial-numbers' ), - wcsn_get_manager_role(), + 'manage_options', 'wc-serial-numbers-reports', array( $this, 'output_reports_page' ) ); @@ -170,7 +169,7 @@ public function settings_menu() { 'wc-serial-numbers', __( 'Settings', 'wc-serial-numbers' ), __( 'Settings', 'wc-serial-numbers' ), - wcsn_get_manager_role(), + 'manage_options', 'wc-serial-numbers-settings', array( Settings::class, 'output' ) ); @@ -183,13 +182,12 @@ public function settings_menu() { * @return void */ public function promo_menu() { - $role = wcsn_get_manager_role(); if ( ! WCSN()->is_premium_active() ) { add_submenu_page( 'wc-serial-numbers', '', ' ' . __( 'Upgrade to Pro', 'wc-serial-numbers' ) . '', - $role, + 'manage_options', 'go_wcsn_pro', array( $this, 'go_pro_redirect' ) ); diff --git a/src/Admin/Notices.php b/src/Admin/Notices.php index 0e71a552..62a10e5f 100644 --- a/src/Admin/Notices.php +++ b/src/Admin/Notices.php @@ -113,8 +113,8 @@ public function output_notices() { public function dismiss_notice() { check_ajax_referer( 'wc_serial_numbers_dismiss_notice', 'nonce' ); - // Must have WC Serial Numbers manager role to access this endpoint. - if ( ! current_user_can( wcsn_get_manager_role() ) ) { + // Must have manage options user capability role to access this endpoint. + if ( ! current_user_can( 'manage_options' ) ) { wp_die(); } diff --git a/src/functions.php b/src/functions.php index 9f807365..c78e9a81 100644 --- a/src/functions.php +++ b/src/functions.php @@ -21,7 +21,7 @@ * @return string */ function wcsn_get_manager_role() { - return apply_filters( 'wc_serial_numbers_manager_role', 'manage_woocommerce' ); + return apply_filters( 'wc_serial_numbers_manager_role', 'manage_options' ); } /** diff --git a/wc-serial-numbers.php b/wc-serial-numbers.php index d40e1f69..4f8db3bb 100644 --- a/wc-serial-numbers.php +++ b/wc-serial-numbers.php @@ -3,7 +3,7 @@ * Plugin Name: WC Serial Numbers * Plugin URI: https://pluginever.com/plugins/wocommerce-serial-numbers-pro/ * Description: Sell and manage license keys/ serial numbers/ secret keys easily within your WooCommerce store. - * Version: 2.0.2 + * Version: 2.0.3 * Requires at least: 5.0 * Requires PHP: 7.4 * Author: PluginEver