<?php
// Exit if accessed directly: the file does nothing unless the ABSPATH constant is defined,
// so a request that loads this plugin file on its own stops here.
defined( 'ABSPATH' ) || exit;
/**
 * Registers the 'repairplugin' role (display name 'RepairPlugin') when it does not exist yet.
 *
 * The role is created with an empty capability list and then receives the
 * 'read', 'level_0' and 'level_1' capabilities one by one.
 */
function rp_add_custom_user_role_for_managing_just_rp() {
    // Nothing to do once the role has been registered.
    if ( get_role( 'repairplugin' ) ) {
        return;
    }

    add_role( 'repairplugin', 'RepairPlugin', array() );

    $repairPluginRole = get_role( 'repairplugin' );
    foreach ( array( 'read', 'level_0', 'level_1' ) as $baseCapability ) {
        $repairPluginRole->add_cap( $baseCapability );
    }
}
// Run the role registration on 'init' (rp_add_action is a project helper; presumably a wrapper around add_action - confirm).
rp_add_action( 'init', 'rp_add_custom_user_role_for_managing_just_rp' );
/**
 * One-time migration that sets the stored display name of the 'repairplugin' role to 'RepairPlugin'.
 *
 * The 'rp_user_roles_display_name_updated_v2' option records that the migration ran, so the
 * "{prefix}user_roles" option is rewritten at most once.
 */
function rp_update_user_role_display_name_if_not_already() {
    global $rpQuery;

    $rolesOptionName = $rpQuery->prefix . 'user_roles';
    $migrationFlag   = 'rp_user_roles_display_name_updated_v2';

    if ( rp_get_option( $migrationFlag, '0' ) == '1' ) {
        return;
    }

    // The flag is written before the update, so the migration is attempted only once.
    rp_update_option( $migrationFlag, '1' );

    $storedRoles = rp_get_option( $rolesOptionName, array() );
    if ( empty( $storedRoles ?? array() ) || ! isset( $storedRoles['repairplugin'] ) ) {
        return;
    }

    $storedRoles['repairplugin']['name'] = 'RepairPlugin';
    rp_update_option( $rolesOptionName, $storedRoles );
}
// Priority 999: run the display-name migration late on 'init', after the default-priority role registration above.
rp_add_action('init', 'rp_update_user_role_display_name_if_not_already', 999);
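/**
 * Tells whether a role holds a capability.
 *
 * @param string $role       Role slug.
 * @param string $capability Capability name.
 * @return bool True only when the role exists and has the capability.
 */
function rp_role_has_capability( $role = '', $capability = '' ) {
    if ( empty( $role ) || empty( $capability ) ) {
        return false;
    }

    $roleObject = get_role( $role );
    // get_role() returns null for an unknown role; treat that as "no capability"
    // instead of calling a method on null.
    if ( ! $roleObject ) {
        return false;
    }

    return (bool) $roleObject->has_cap( $capability );
}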
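/**
 * Grants a capability to every user holding the given role.
 *
 * @param string $role       Role slug.
 * @param string $permission Capability name to add.
 * @return void
 */
function rp_add_capability_to_role( $role = '', $permission = '' ) {
    if ( empty( $role ) || empty( $permission ) ) {
        return;
    }

    $roleObject = get_role( $role );
    // Unknown role: get_role() returns null, so there is nothing to grant.
    if ( ! $roleObject ) {
        return;
    }

    $roleObject->add_cap( $permission );
}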
/**
 * Gives the logged-in user 'manage_repairplugin_pro' when they can already 'activate_plugins'
 * but do not hold the plugin capability yet.
 *
 * The capability is written to the user record and also added to the global
 * $current_user object when that object is set.
 */
function rp_add_repairplugin_capability_to_admin() {
    if ( ! function_exists( 'get_current_user_id' ) ) {
        return;
    }

    $currentUserId = get_current_user_id();
    if ( empty( $currentUserId ) ) {
        return;
    }

    global $current_user;

    $canActivatePlugins = rp_check_if_user_has_capability( $currentUserId, 'activate_plugins' );
    if ( ! $canActivatePlugins ) {
        return;
    }
    if ( rp_check_if_user_has_capability( $currentUserId, 'manage_repairplugin_pro' ) ) {
        return;
    }

    rp_add_capability_directly_to_user( $currentUserId, 'manage_repairplugin_pro' );

    // Keep the already-loaded global user object in step with the stored capability.
    if ( ! empty( $current_user ) ) {
        $current_user->add_cap( 'manage_repairplugin_pro' );
    }
}
// The capability grant above runs on every 'admin_menu' hook, i.e. while the admin menu is being built.
rp_add_action('admin_menu', 'rp_add_repairplugin_capability_to_admin');
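/**
 * Removes a capability from a role.
 *
 * @param string $role       Role slug.
 * @param string $permission Capability name to remove.
 * @return void
 */
function rp_remove_capability_from_role( $role = '', $permission = '' ) {
    if ( empty( $role ) || empty( $permission ) ) {
        return;
    }

    $roleObject = get_role( $role );
    // Unknown role: get_role() returns null, so there is nothing to revoke.
    if ( ! $roleObject ) {
        return;
    }

    $roleObject->remove_cap( $permission );
}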
/**
 * Removes a capability that was granted directly to one user.
 *
 * @param int    $user_id    User ID.
 * @param string $permission Capability name to remove.
 * @return void
 */
function rp_remove_capability_from_user( $user_id = 0, $permission = '' ) {
    if ( ! empty( $user_id ) && ! empty( $permission ) ) {
        $targetUser = new WP_User( $user_id );
        $targetUser->remove_cap( $permission );
    }
}
/**
 * Grants a capability to one user directly (not through a role).
 *
 * Callers are responsible for the authorization decision; this helper performs none.
 *
 * @param int    $user_id    User ID.
 * @param string $permission Capability name to add.
 * @return void
 */
function rp_add_capability_directly_to_user( $user_id = 0, $permission = '' ) {
    if ( ! empty( $user_id ) && ! empty( $permission ) ) {
        $targetUser = new WP_User( $user_id );
        $targetUser->add_cap( $permission );
    }
}
/**
 * Returns the role slugs of a user.
 *
 * @param int $user_id User ID.
 * @return array The user's roles, or an empty array when no ID is given.
 */
function rp_get_roles_of_user( $user_id = 0 ) {
    if ( ! empty( $user_id ) ) {
        $targetUser = new WP_User( $user_id );

        return $targetUser->roles;
    }

    return array();
}
/**
 * Tells whether a user holds a capability.
 *
 * @param int    $user_id    User ID.
 * @param string $permission Capability name.
 * @return bool False when either argument is empty, otherwise the result of WP_User::has_cap().
 */
function rp_check_if_user_has_capability( $user_id = 0, $permission = '' ) {
    if ( ! empty( $user_id ) && ! empty( $permission ) ) {
        $targetUser = new WP_User( $user_id );

        return (bool) $targetUser->has_cap( $permission );
    }

    return false;
}
/**
 * Returns every user of the site, as delivered by get_users() with default arguments.
 *
 * @return array
 */
function rp_get_all_wp_users() {
    $everyUser = get_users();

    return $everyUser;
}
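/**
 * Renders the <tr> rows of the "manage permission" table and returns them as a string.
 *
 * A user is listed when they hold 'manage_repairplugin_pro' or 'activate_plugins', or when
 * location-based pricing is enabled and they are head of at least one location.
 * Users with 'activate_plugins' get the 'cannot_delete' class on the delete button.
 *
 * Display name and e-mail are account fields that users can edit themselves, and this markup
 * is shown to administrators, so every value is escaped for its HTML context
 * (esc_html for text nodes, esc_attr for attributes) before it is written.
 *
 * @return string HTML markup; a single "No results found" row when nobody qualifies.
 */
function rp_render_manage_permission_table_tr() {
    ob_start();

    $all_wp_users = rp_get_all_wp_users();
    $hasAnyUser   = false;

    if ( ! empty( $all_wp_users ) ) {
        $pricing_based_on_location = rp_is_enabled_pricing_based_on_location() == TRUE;

        foreach ( $all_wp_users as $theUser ) {
            $isTopLevel     = rp_check_if_user_has_capability( $theUser->ID, 'activate_plugins' );
            $has_capability = $isTopLevel || rp_check_if_user_has_capability( $theUser->ID, 'manage_repairplugin_pro' );

            $locationHeadCapability = $pricing_based_on_location == TRUE
                && count( rp_get_allowed_locations_of_location_head( $theUser->ID ) ) > 0;

            if ( ! $has_capability && ! $locationHeadCapability ) {
                continue;
            }
            $hasAnyUser = true;

            // Escape once per output context and reuse below.
            $userId    = (int) $theUser->ID;
            $emailAttr = esc_attr( $theUser->user_email );
            $nameAttr  = esc_attr( $theUser->display_name );

            // $badge is assembled only from fixed markup and already-escaped values,
            // which is why it can be echoed as-is further down.
            $canDelete = 'can_delete';
            $badge     = '<span data-user_email="' . $emailAttr . '" class="rp-badge rp-badge-primary">Full</span>';
            if ( $isTopLevel ) {
                $badge     = '<span data-user_email="' . $emailAttr . '" class="rp-badge rp-badge-toplevel">Top Level</span>' . $badge;
                $canDelete = 'cannot_delete';
            }
            if ( ! $has_capability ) {
                // Listed only because the user is a location head.
                $badge = '<span data-user_email="' . $emailAttr . '" data-user_id="' . $userId . '" class="rp-badge rp-badge-secondary">Location</span>';
            }
            ?>
            <tr>
                <td><?php echo $userId; ?></td>
                <td><?php echo esc_html( $theUser->display_name ); ?></td>
                <td><?php echo esc_html( $theUser->user_email ); ?></td>
                <td><?php echo $badge; ?></td>
                <td>
                    <button type="button" class="btn table-action-btn btn-danger <?php echo esc_attr( $canDelete ); ?> btn-delete-item btn-sm" data-id="<?php echo $userId; ?>" data-name="<?php echo $nameAttr; ?>" data-email="<?php echo $emailAttr; ?>">
                        <i class="fa fa-trash-alt"></i>
                    </button>
                </td>
            </tr>
            <?php
        }
    }

    if ( $hasAnyUser == false ) {
        ?>
        <tr>
            <td colspan="4" class="text-center">No results found</td>
        </tr>
        <?php
    }

    return ob_get_clean();
}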
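/**
 * Detaches every location head from one location and revokes 'repairplugin_location_head'
 * from users who are left without any location.
 *
 * The IDs are placed directly into the SQL text, so they are forced to integers first;
 * the other query helpers in this file do the same with intval().
 *
 * @param int $location_id Location ID.
 * @return void
 */
function rp_remove_all_location_heads_of_location( $location_id = 0 ) {
    global $rpQuery;

    if ( empty( $location_id ) ) {
        return;
    }

    // Never let a non-numeric value reach the query string.
    $location_id = intval( $location_id );
    if ( $location_id <= 0 ) {
        return;
    }

    $table_rs_location_admin = $rpQuery->prefix . "rs_location_admin";

    // Remember who was attached before deleting, to re-check each of them afterwards.
    $oldResults = $rpQuery->get_results( "SELECT * FROM $table_rs_location_admin WHERE location_id = $location_id" );
    $rpQuery->query( "DELETE FROM $table_rs_location_admin WHERE location_id = $location_id" );

    if ( empty( $oldResults ) ) {
        return;
    }

    foreach ( $oldResults as $theResult ) {
        $formerHeadId = intval( $theResult->user_id );

        $userIsStillHead = $rpQuery->get_row( "SELECT * FROM $table_rs_location_admin WHERE user_id = $formerHeadId" );
        if ( empty( $userIsStillHead ) ) {
            // The user has been removed from all locations, remove the capability
            rp_remove_capability_from_user( $formerHeadId, 'repairplugin_location_head' );
        }
    }
}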
/**
 * Makes several users head of the same location.
 *
 * @param int   $location_id Location ID.
 * @param array $user_ids    User IDs; anything that is not a non-empty array is ignored.
 * @return void
 */
function rp_add_user_as_location_head_multiple( $location_id = 0, $user_ids = array() ) {
    $usableInput = ! empty( $location_id ) && ! empty( $user_ids ) && is_array( $user_ids );
    if ( ! $usableInput ) {
        return;
    }

    foreach ( $user_ids as $candidateId ) {
        rp_add_user_as_location_head( $location_id, $candidateId );
    }
}
/**
 * Removes a user from every location and revokes the 'repairplugin_location_head' capability.
 *
 * @param int $user_id User ID; cast with intval() before it is placed in the SQL text.
 * @return void
 */
function rp_remove_user_as_location_head_from_all_locations( $user_id = 0 ) {
    global $rpQuery;

    if ( ! empty( $user_id ) ) {
        $user_id       = intval( $user_id );
        $locationAdmin = $rpQuery->prefix . "rs_location_admin";

        $rpQuery->query( "DELETE FROM $locationAdmin WHERE user_id = $user_id" );
        rp_remove_capability_from_user( $user_id, 'repairplugin_location_head' );
    }
}
/**
 * AJAX handler: prints, as JSON, the locations the posted user is head of, then exits.
 *
 * Order of checks: form token for 'manage_permission', then the 'activate_plugins'
 * capability of the caller, then the posted user_id (integer > 0).
 * Every failure path prints {status:false, rp_validation_error:...} and exits.
 */
function rp_get_where_user_is_location_head() {
    global $rpQuery;

    // Shared failure response for all rejected requests.
    $reject = static function ( $message ) {
        echo json_encode( array(
            'status'              => false,
            'rp_validation_error' => $message,
        ) );
        exit;
    };

    rp_verify_csrf_token_for_simple_form( 'manage_permission' );

    if ( ! current_user_can( 'activate_plugins' ) ) {
        $reject( 'Something went wrong, please refresh the page and try agian.' );
    }

    $user_id = intval( $_POST['user_id'] ?? 0 );
    if ( $user_id <= 0 ) {
        $reject( 'Invalid user.' );
    }

    $userLocations = rp_get_allowed_locations_of_location_head( $user_id );
    if ( empty( $userLocations ) ) {
        $reject( 'This user is not a shop manager.' );
    }

    $companyLocationTable = $rpQuery->prefix . "rs_company_location";
    $allLocations         = $rpQuery->get_results( "SELECT * FROM $companyLocationTable" );

    // Keep only the locations this user is head of, reduced to id and name.
    $locations = array();
    if ( ! empty( $allLocations ) ) {
        foreach ( $allLocations as $theLocation ) {
            if ( ! in_array( $theLocation->location_id, $userLocations ) ) {
                continue;
            }
            $locations[] = array(
                'location_id'   => $theLocation->location_id,
                'location_name' => $theLocation->location_name,
            );
        }
    }

    echo json_encode( array(
        'status'    => true,
        'locations' => $locations,
    ) );
    exit;
}
// Expose the handler as an AJAX action of the same name (rp_ajax_for_admin is a project helper;
// presumably it registers the action for logged-in users only - confirm).
rp_ajax_for_admin('rp_get_where_user_is_location_head', 'rp_get_where_user_is_location_head');
/**
 * Returns the IDs of the locations a user is head of.
 *
 * Rows pointing at a location that no longer exists are skipped.
 *
 * @param int $user_id User ID; cast with intval() before it is placed in the SQL text.
 * @return array Location IDs as read from the database.
 */
function rp_get_allowed_locations_of_location_head( $user_id = 0 ) {
    global $rpQuery;

    if ( empty( $user_id ) ) {
        return array();
    }

    $user_id       = intval( $user_id );
    $locationAdmin = $rpQuery->prefix . "rs_location_admin";
    $assignments   = $rpQuery->get_results( "SELECT * FROM $locationAdmin WHERE user_id = $user_id" );

    $location_ids = array();
    if ( empty( $assignments ) ) {
        return $location_ids;
    }

    foreach ( $assignments as $assignment ) {
        if ( rp_the_location_really_exists( $assignment->location_id ) ) {
            $location_ids[] = $assignment->location_id;
        }
    }

    return $location_ids;
}
/**
 * Makes a user head (shop manager) of a location and grants 'repairplugin_location_head'.
 *
 * Both IDs are cast with intval() before they are placed in the INSERT statement.
 * Callers are responsible for the authorization decision; this helper performs none.
 *
 * @param int $location_id Location ID.
 * @param int $user_id     User ID.
 * @return void
 */
function rp_add_user_as_location_head( $location_id = 0, $user_id = 0 ) {
    global $rpQuery;

    if ( ! empty( $location_id ) && ! empty( $user_id ) ) {
        $location_id   = intval( $location_id );
        $user_id       = intval( $user_id );
        $locationAdmin = $rpQuery->prefix . "rs_location_admin";

        $rpQuery->query( "INSERT INTO $locationAdmin (user_id, location_id) VALUES ($user_id, $location_id)" );
        rp_add_capability_directly_to_user( $user_id, 'repairplugin_location_head' );
    }
}
/**
 * Returns the IDs of all rows in the company-location table.
 *
 * A non-empty result is kept in a static variable for the rest of the request;
 * an empty result is not cached, so the query runs again on the next call.
 *
 * @return array Location IDs as read from the database.
 */
function rp_get_all_active_company_locations() {
    static $allLocations;

    if ( ! empty( $allLocations ?? null ) ) {
        return $allLocations;
    }

    global $rpQuery;

    $companyLocationTable = $rpQuery->prefix . "rs_company_location";
    $rows                 = $rpQuery->get_results( "SELECT * FROM $companyLocationTable" );

    $location_ids = array();
    if ( ! empty( $rows ) ) {
        foreach ( $rows as $row ) {
            $location_ids[] = $row->location_id;
        }
    }

    $allLocations = $location_ids;

    return $location_ids;
}
/**
 * Tells whether a location ID is present in the company-location table.
 *
 * The comparison is loose (in_array without strict mode), so the integer 5 matches the string "5".
 *
 * @param int $location_id Location ID.
 * @return bool
 */
function rp_the_location_really_exists( $location_id = 0 ) {
    $knownLocationIds = rp_get_all_active_company_locations();

    return in_array( $location_id, $knownLocationIds );
}
/**
 * Returns the IDs of all users who are head of at least one existing location.
 *
 * Each user ID appears once; rows for locations that no longer exist are ignored.
 *
 * @return array User IDs as read from the database.
 */
function rp_get_all_location_heads() {
    global $rpQuery;

    $locationAdmin = $rpQuery->prefix . "rs_location_admin";
    $assignments   = $rpQuery->get_results( "SELECT * FROM $locationAdmin" );

    $user_ids = array();
    if ( empty( $assignments ) ) {
        return $user_ids;
    }

    foreach ( $assignments as $assignment ) {
        $locationExists = rp_the_location_really_exists( $assignment->location_id );
        if ( $locationExists && ! in_array( $assignment->user_id, $user_ids ) ) {
            $user_ids[] = $assignment->user_id;
        }
    }

    return $user_ids;
}
/**
 * Lists the users that may be offered as location head.
 *
 * Current location heads are always included. Other users are left out when they hold
 * 'manage_repairplugin_pro' or 'activate_plugins', or when their only role is
 * 'subscriber' or 'customer'.
 *
 * @return array List of arrays with the keys 'ID', 'display_name' and 'user_email'.
 */
function rp_get_users_who_can_become_location_head() {
    $alreadyLocationHeads = rp_get_all_location_heads();
    $all_wp_users         = rp_get_all_wp_users();

    $candidates = array();
    foreach ( $all_wp_users as $theUser ) {
        if ( ! in_array( $theUser->ID, $alreadyLocationHeads ) ) {
            // Users with full plugin access are not offered as location heads.
            $hasFullAccess = rp_check_if_user_has_capability( $theUser->ID, 'manage_repairplugin_pro' )
                || rp_check_if_user_has_capability( $theUser->ID, 'activate_plugins' );
            if ( $hasFullAccess ) {
                continue;
            }

            // Skip accounts whose single role is subscriber or customer.
            $hasFrontendRole = in_array( 'subscriber', $theUser->roles ) || in_array( 'customer', $theUser->roles );
            if ( $hasFrontendRole && count( $theUser->roles ) == 1 ) {
                continue;
            }
        }

        // Expose only the three fields the caller needs, not the whole user object.
        $candidates[] = array(
            'ID'           => $theUser->ID,
            'display_name' => $theUser->display_name,
            'user_email'   => $theUser->user_email,
        );
    }

    return $candidates;
}
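/**
 * Renders the "add user" selector of the manage-permission screen and returns it as a string.
 *
 * A user is offered when they hold neither 'manage_repairplugin_pro' nor 'activate_plugins',
 * are not a location head while location-based pricing is enabled, and do not have
 * 'subscriber' or 'customer' as their only role.
 *
 * The eligible users are collected once and reused for both the placeholder text and the
 * option list. Values written into the markup are escaped for their HTML context.
 *
 * @return string HTML markup.
 */
function rp_render_mange_permission_add_user_button() {
    ob_start();

    $eligibleUsers = array();
    $all_wp_users  = rp_get_all_wp_users();

    if ( ! empty( $all_wp_users ) ) {
        $pricing_based_on_location = rp_is_enabled_pricing_based_on_location() == TRUE;

        foreach ( $all_wp_users as $user ) {
            // skip those that already have the capability
            if ( rp_check_if_user_has_capability( $user->ID, 'manage_repairplugin_pro' ) || rp_check_if_user_has_capability( $user->ID, 'activate_plugins' ) ) {
                continue;
            }
            // skip current location heads
            if ( $pricing_based_on_location == TRUE && count( rp_get_allowed_locations_of_location_head( $user->ID ) ) > 0 ) {
                continue;
            }
            // skip accounts whose only role is subscriber or customer
            $hasFrontendRole = in_array( 'subscriber', $user->roles ) || in_array( 'customer', $user->roles );
            if ( $hasFrontendRole && count( $user->roles ) == 1 ) {
                continue;
            }

            $eligibleUsers[] = $user;
        }
    }

    $selectUserText = empty( $eligibleUsers ) ? 'No more users to add' : '-- Select User --';
    ?>
    <div class="row add-user">
        <div class="col-9">
            <select name="user_email coupons_select" class="user-email" multiple="multiple">
                <option value=""><?php echo esc_html( $selectUserText ); ?></option>
                <?php foreach ( $eligibleUsers as $user ) { ?>
                    <option value="<?php echo (int) $user->ID; ?>"><?php echo esc_html( $user->user_email ); ?></option>
                <?php } ?>
            </select>
        </div>
        <div class="col-3">
            <button type="button" class="btn table-action-btn btn-primary add-user-btn">Add <i class="fa fa-plus"></i></button>
        </div>
    </div>
    <?php
    return ob_get_clean();
}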
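/**
 * AJAX handler: grants 'manage_repairplugin_pro' to the posted users and removes them as
 * location heads, then prints the refreshed table and selector markup as JSON and exits.
 *
 * Order of checks: form token for 'manage_permission', then the 'activate_plugins'
 * capability of the caller. user_ids may arrive as an array or as a comma-separated string.
 */
function rp_allow_users_to_access_repairplugin() {
    rp_verify_csrf_token_for_simple_form( 'manage_permission' );

    if ( ! current_user_can( 'activate_plugins' ) ) {
        echo json_encode( array(
            'status'              => false,
            'rp_validation_error' => 'Something went wrong, please refresh the page and try agian.',
        ) );
        exit;
    }

    $user_ids = $_POST['user_ids'] ?? array();
    if ( empty( $user_ids ) ) {
        echo json_encode( array(
            'status'              => false,
            'rp_validation_error' => 'Please select at least one user.',
        ) );
        exit;
    }

    if ( is_string( $user_ids ) ) {
        $user_ids = explode( ',', $user_ids );
    }

    foreach ( (array) $user_ids as $the_user_id ) {
        // A nested array in the request would pass through intval() as 1 and hit user 1;
        // only scalar entries are accepted as IDs.
        if ( ! is_scalar( $the_user_id ) ) {
            continue;
        }

        $the_user_id = intval( $the_user_id );
        if ( $the_user_id <= 0 ) {
            continue;
        }

        rp_add_capability_directly_to_user( $the_user_id, 'manage_repairplugin_pro' );
        // Full access replaces any per-location assignment.
        rp_remove_user_as_location_head_from_all_locations( $the_user_id );
    }

    echo json_encode( array(
        'status'          => true,
        'tr_markup'       => rp_render_manage_permission_table_tr(),
        'add_user_markup' => rp_render_mange_permission_add_user_button(),
    ) );
    exit;
}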
// Expose the grant handler as an AJAX action of the same name (rp_ajax_for_admin is a project helper;
// presumably it registers the action for logged-in users only - confirm).
rp_ajax_for_admin('rp_allow_users_to_access_repairplugin', 'rp_allow_users_to_access_repairplugin');
/**
 * AJAX handler: revokes 'manage_repairplugin_pro' from the posted user and removes them as
 * location head everywhere, then prints the refreshed markup as JSON and exits.
 *
 * Order of checks: form token for 'manage_permission', the 'activate_plugins' capability of
 * the caller, the posted user_id (integer > 0), and finally a refusal when the target user
 * holds 'activate_plugins' themselves.
 */
function rp_remove_user_from_accessing_repairplugin() {
    // Shared failure response for all rejected requests.
    $reject = static function ( $message ) {
        echo json_encode( array(
            'status'              => false,
            'rp_validation_error' => $message,
        ) );
        exit;
    };

    rp_verify_csrf_token_for_simple_form( 'manage_permission' );

    if ( ! current_user_can( 'activate_plugins' ) ) {
        $reject( 'Something went wrong, please refresh the page and try agian.' );
    }

    $user_id = intval( $_POST['user_id'] ?? 0 );
    if ( $user_id <= 0 ) {
        $reject( 'Invalid user.' );
    }

    // Users who can activate plugins keep their access.
    if ( rp_check_if_user_has_capability( $user_id, 'activate_plugins' ) ) {
        $reject( 'You cannot delete a user with activate_plugins capability from accessing Repairplugin.' );
    }

    rp_remove_capability_from_user( $user_id, 'manage_repairplugin_pro' );
    rp_remove_user_as_location_head_from_all_locations( $user_id );

    echo json_encode( array(
        'status'          => true,
        'tr_markup'       => rp_render_manage_permission_table_tr(),
        'add_user_markup' => rp_render_mange_permission_add_user_button(),
    ) );
    exit;
}
// Expose the revoke handler as an AJAX action of the same name (rp_ajax_for_admin is a project helper;
// presumably it registers the action for logged-in users only - confirm).
rp_ajax_for_admin('rp_remove_user_from_accessing_repairplugin', 'rp_remove_user_from_accessing_repairplugin');
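/**
 * Returns the IDs of all users who are head of one location.
 *
 * The location ID is placed directly into the SQL text, so it is forced to an integer first;
 * the other query helpers in this file do the same with intval().
 *
 * @param int $location_id Location ID.
 * @return array User IDs as read from the database; empty for a missing or non-numeric ID.
 */
function rp_get_heads_of_location( $location_id = 0 ) {
    global $rpQuery;

    if ( empty( $location_id ) ) {
        return array();
    }

    // Never let a non-numeric value reach the query string.
    $location_id = intval( $location_id );
    if ( $location_id <= 0 ) {
        return array();
    }

    $table_rs_location_admin = $rpQuery->prefix . "rs_location_admin";
    $results = $rpQuery->get_results( "SELECT * FROM $table_rs_location_admin WHERE location_id = $location_id" );

    $user_ids = array();
    if ( ! empty( $results ) ) {
        foreach ( $results as $theResult ) {
            $user_ids[] = $theResult->user_id;
        }
    }

    return $user_ids;
}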
/**
 * Same answer as rp_current_user_has_full_access(), computed once per request.
 *
 * The result is held in a static variable, so a capability change made later in the same
 * request is not reflected here.
 *
 * @return bool
 */
function rp_current_user_has_full_access_cached() {
    static $rp_has_access_cached = null;

    if ( $rp_has_access_cached === null ) {
        $rp_has_access_cached = rp_current_user_has_full_access();
    }

    return $rp_has_access_cached;
}
/**
 * Tells whether the logged-in user has full access to the plugin, i.e. holds
 * 'manage_repairplugin_pro' or 'activate_plugins'.
 *
 * @return bool False when get_current_user_id() is unavailable or nobody is logged in.
 */
function rp_current_user_has_full_access() {
    if ( ! function_exists( 'get_current_user_id' ) ) {
        return false;
    }

    $currentUserId = get_current_user_id();
    if ( empty( $currentUserId ) ) {
        return false;
    }

    // Both checks are evaluated, as in a plain two-step lookup; either one grants access.
    $canManagePlugin    = (bool) rp_check_if_user_has_capability( $currentUserId, 'manage_repairplugin_pro' );
    $canActivatePlugins = (bool) rp_check_if_user_has_capability( $currentUserId, 'activate_plugins' );

    return $canManagePlugin || $canActivatePlugins;
}
/**
 * Reads the IDs of all rows in the company-location table, without caching.
 *
 * @return array Location IDs as read from the database.
 */
function rp_get_all_location_ids_from_db() {
    global $rpQuery;

    $companyLocationTable = $rpQuery->prefix . "rs_company_location";
    $rows                 = $rpQuery->get_results( "SELECT * FROM $companyLocationTable" );

    $location_ids = array();
    if ( empty( $rows ) ) {
        return $location_ids;
    }

    foreach ( $rows as $row ) {
        $location_ids[] = $row->location_id;
    }

    return $location_ids;
}
/**
 * Returns the location IDs the logged-in user may work with.
 *
 * Full-access users get every location, location heads get their own locations,
 * everybody else gets an empty list.
 *
 * @return array
 */
function rp_get_allowed_locations_of_current_user() {
    if ( ! function_exists( 'get_current_user_id' ) ) {
        return array();
    }

    $currentUserId = get_current_user_id();

    if ( rp_current_user_has_full_access() ) {
        return rp_get_all_location_ids_from_db();
    }

    if ( rp_is_current_user_location_head() ) {
        return rp_get_allowed_locations_of_location_head( $currentUserId );
    }

    // Deny by default: no matching access level means no locations.
    return array();
}
/**
 * Tells whether the logged-in user acts as a location head.
 *
 * All of these must hold: a user is logged in, location-based pricing is enabled, the user
 * is assigned to at least one existing location, and the user holds 'repairplugin_location_head'.
 *
 * @return bool
 */
function rp_is_current_user_location_head() {
    if ( ! function_exists( 'get_current_user_id' ) ) {
        return false;
    }

    $currentUserId = get_current_user_id();

    $isAssignedHead = ! empty( $currentUserId )
        && rp_is_enabled_pricing_based_on_location() == TRUE
        && count( rp_get_allowed_locations_of_location_head( $currentUserId ) ) > 0;

    if ( ! $isAssignedHead ) {
        return false;
    }

    return (bool) rp_check_if_user_has_capability( $currentUserId, 'repairplugin_location_head' );
}
/**
 * Guard for AJAX handlers: returns normally for full-access users, otherwise prints a JSON
 * permission error and ends the request.
 *
 * @return void
 */
function rp_verify_user_full_access_ajax() {
    if ( rp_current_user_has_full_access() ) {
        return;
    }

    $denied = array(
        'status'              => false,
        'rp_validation_error' => 'You do not have permission to perform this action.',
    );
    echo json_encode( $denied );
    exit;
}
/**
 * Tells whether the logged-in user may edit a schedule group.
 *
 * Full-access users may edit any group. Everyone else may edit only the groups left over
 * after rp_filter_schedules_that_loc_head_can_manage() has filtered the full list.
 *
 * @param int $schedule_group_id Schedule group ID; compared loosely with each group's id.
 * @return bool
 */
function rp_current_user_can_edit_schedule_group( $schedule_group_id = 0 ) {
    if ( rp_current_user_has_full_access_cached() ) {
        return TRUE;
    }

    $manageableGroups = rp_filter_schedules_that_loc_head_can_manage( rp_get_all_schedule_groups() );

    $isAllowed = FALSE;
    foreach ( $manageableGroups as $group ) {
        if ( $group->id == $schedule_group_id ) {
            $isAllowed = TRUE;
            break;
        }
    }

    return $isAllowed;
}
/**
 * Guard for AJAX handlers that edit a schedule group: reads the group ID from $_POST['id']
 * (cast to integer) and ends the request with a JSON permission error when the logged-in
 * user may not edit that group.
 *
 * @return void
 */
function rp_verify_editing_schedule_group() {
    $requestedGroupId = intval( $_POST['id'] ?? 0 );

    if ( rp_current_user_can_edit_schedule_group( $requestedGroupId ) ) {
        return;
    }

    $denied = array(
        'status'              => false,
        'rp_validation_error' => 'You do not have permission to perform this action.',
    );
    echo json_encode( $denied );
    exit;
}