Manage Pledge: Enable pledge admins to edit contributors from manage form (#108)

* Add contributor management to manage form
* Check `pledge_id` to prevent returning all contributors
* Return a plain text error string – this is used in an alert box, so it can't contain HTML
* Hide confirmation when pledge is a draft
* Only enqueue script if the user is authorized
Kelly Dwan 2019-11-26 12:57:14 -05:00
parent 45c76aab9c
commit 5bb70abdc2
No known key found for this signature in database
GPG key ID: 8BA5575F3D11575D
8 changed files with 110 additions and 18 deletions


@ -6,7 +6,7 @@
namespace WordPressDotOrg\FiveForTheFuture\PledgeMeta;
use WordPressDotOrg\FiveForTheFuture;
use WordPressDotOrg\FiveForTheFuture\{ Contributor, Email, Pledge, PledgeForm, XProfile };
use WordPressDotOrg\FiveForTheFuture\{ Auth, Contributor, Email, Pledge, PledgeForm, XProfile };
use WP_Post, WP_Error;
defined( 'WPINC' ) || die();
@ -18,6 +18,7 @@ add_action( 'init', __NAMESPACE__ . '\schedule_cron_jobs' );
add_action( 'admin_init', __NAMESPACE__ . '\add_meta_boxes' );
add_action( 'save_post', __NAMESPACE__ . '\save_pledge', 10, 2 );
add_action( 'admin_enqueue_scripts', __NAMESPACE__ . '\enqueue_assets' );
add_action( 'wp_enqueue_scripts', __NAMESPACE__ . '\enqueue_assets' );
add_action( 'transition_post_status', __NAMESPACE__ . '\maybe_update_single_cached_pledge_data', 10, 3 );
add_action( 'update_all_cached_pledge_data', __NAMESPACE__. '\update_all_cached_pledge_data' );
@ -208,6 +209,7 @@ function add_meta_boxes() {
function render_meta_boxes( $pledge, $box ) {
$readonly = ! current_user_can( 'edit_page', $pledge->ID );
$is_manage = true;
$pledge_id = $pledge->ID;
$data = array();
foreach ( get_pledge_meta_config() as $key => $config ) {
@ -503,9 +505,14 @@ function enqueue_assets() {
$ver = filemtime( FiveForTheFuture\PATH . '/assets/js/admin.js' );
wp_register_script( '5ftf-admin', plugins_url( 'assets/js/admin.js', __DIR__ ), [ 'jquery', 'wp-util' ], $ver );
$pledge_id = is_admin() ? get_the_ID() : absint( $_REQUEST['pledge_id'] ?? 0 );
$auth_token = sanitize_text_field( $_REQUEST['auth_token'] ?? '' );
$script_data = [
'pledgeId' => get_the_ID(),
// The global ajaxurl is not set on the frontend.
'ajaxurl' => admin_url( 'admin-ajax.php', 'relative' ),
'pledgeId' => $pledge_id,
'manageNonce' => wp_create_nonce( 'manage-contributors' ),
'authToken' => $auth_token,
];
wp_add_inline_script(
'5ftf-admin',
@ -516,9 +523,21 @@ function enqueue_assets() {
'before'
);
$current_page = get_current_screen();
if ( Pledge\CPT_ID === $current_page->id ) {
wp_enqueue_style( '5ftf-admin' );
wp_enqueue_script( '5ftf-admin' );
if ( is_admin() ) {
$current_page = get_current_screen();
if ( Pledge\CPT_ID === $current_page->id ) {
wp_enqueue_style( '5ftf-admin' );
wp_enqueue_script( '5ftf-admin' );
}
} else {
global $post;
if ( is_a( $post, 'WP_Post' ) ) {
$pledge_id = absint( $_REQUEST['pledge_id'] ?? 0 );
$auth_token = sanitize_text_field( $_REQUEST['auth_token'] ?? '' );
$can_manage = Auth\can_manage_pledge( $pledge_id, $auth_token );
if ( ! is_wp_error( $can_manage ) && has_shortcode( $post->post_content, '5ftf_pledge_form_manage' ) ) {
wp_enqueue_script( '5ftf-admin' );
}
}
}
}
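Review bot: The `manageNonce` and `authToken` entries added to `$script_data` in the `@ -503,9 +505,14` hunk are built on every front-end request now that `enqueue_assets` is hooked to `wp_enqueue_scripts`, and for a logged-out visitor a WordPress nonce is not bound to any account, so the nonce alone cannot authorize contributor edits. The `Auth\can_manage_pledge()` call in the `else` branch of the last hunk only decides whether the script is enqueued; the AJAX handlers are not part of this file section, and each of them presumably has to repeat `Auth\can_manage_pledge( $pledge_id, $auth_token )` on the submitted values before changing a contributor. Inside that branch the two `$_REQUEST` reads duplicate the ones at the top of the function and can be dropped, and the token should be unslashed before it is sanitized: `$auth_token = sanitize_text_field( wp_unslash( $_REQUEST['auth_token'] ?? '' ) );`. Testing `has_shortcode( $post->post_content, '5ftf_pledge_form_manage' )` before calling `can_manage_pledge()` would avoid running the auth check on every front-end page that has no manage form. The body of `enqueue_assets` starts outside these hunks, and the `wp_add_inline_script` serialization between them is not visible.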