WordPress.org

Making WordPress.org

Changeset 6094


Ignore:
Timestamp:
11/09/2017 01:29:02 AM (2 years ago)
Author:
iandunn
Message:

WordCamp Budgets: Limit access to payment details to protect privacy.

Props hugo-finley, idea15, andreamiddleton
See #3244

Location:
sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/includes/wordcamp-budgets.php

    r6067 r6094  
    66class WordCamp_Budgets {
    77    const VERSION = '0.1.4';
     8    const PAYMENT_INFO_RETENTION_PERIOD = 14; // days
    89
    910    /**
     
    1415        add_action( 'admin_menu',             array( $this, 'register_budgets_menu' )     );
    1516        add_action( 'admin_enqueue_scripts',  array( $this, 'enqueue_common_assets' ), 11 );
     17        add_filter( 'user_has_cap',           array( __CLASS__, 'user_can_view_payment_details' ), 10, 4 );
    1618    }
    1719
     
    977979
    978980    /**
     981     * Limit access to payment details to protect privacy.
     982     *
     983     * Only network admins and the request's author should be able to see the details. Trusted deputies
     984     * do not need access, since they can't issue payments.
     985     *
     986     * @filter user_has_cap.
     987     *
     988     * @param array   $users_capabilities  All of the user's capabilities.
     989     * @param array   $mapped_capabilities All capabilities required to perform the given capability.
     990     * @param array   $args                (optional) Additional parameters passed to WP_User::has_cap().
     991     * @param WP_User $user                The user whose capabilities we're modifying.
     992     *
     993     * @return array
     994     */
     995    public static function user_can_view_payment_details( $users_capabilities, $mapped_capabilities, $args, $user ) {
     996        global $post;
     997
     998        $target_capability = 'view_wordcamp_payment_details';
     999        $users_capabilities[ $target_capability ] = false;
     1000
     1001        /*
     1002         * We also want network admins to have access, but it isn't necessary to explicitly add them
     1003         * here, because `has_cap()` always returns `true` for them.
     1004         */
     1005        if ( in_array( $target_capability, $args ) && isset( $post->post_author ) && $post->post_author == $user->ID ) {
     1006            $users_capabilities[ $target_capability ] = true;
     1007        }
     1008
     1009        return $users_capabilities;
     1010    }
     1011
     1012    /**
    9791013     * Insert an entry into a log for one of the custom post types
    9801014     *
  • sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/views/payment-request/metabox-payment.php

    r4967 r6094  
     1<?php if ( current_user_can( 'view_wordcamp_payment_details' ) ) : ?>
     2
    13<?php if ( ! empty( $box['args']['introduction_message'] ) ) : ?>
    24    <p>
     
    46    </p>
    57<?php endif; ?>
     8
     9    <p>
     10        <?php echo esc_html( sprintf(
     11            __( "Payment information will be redacted %d days after the payment has been sent. Until then, it will be available to you and to trusted network administrators.", 'wordcamporg' ),
     12            WordCamp_Budgets::PAYMENT_INFO_RETENTION_PERIOD
     13        ) ); ?>
     14    </p>
    615
    716<fieldset <?php disabled( $box['args']['fields_enabled'], false ); ?> >
     
    95104    <?php esc_html_e( '* required', 'wordcamporg' ); ?>
    96105</p>
     106
     107<?php else : ?>
     108
     109    <?php esc_html_e( 'Only the request author and network administrators can view payment details.', 'wordcamporg' ); ?>
     110
     111<?php endif; ?>
Note: See TracChangeset for help on using the changeset viewer.