Making WordPress.org

Changeset 8136


Ignore:
Timestamp:
01/24/2019 02:31:10 PM (6 years ago)
Author:
coreymckrill
Message:

WordCamp Payments: Prevent submission of requests that have no documentation

For both Payment Requests and Reimbursement Requests:

  • Add a method to check and see if the request post can be submitted. Currently this just checks to see if the post has one or more files attached to it.
  • When the post fails the check, show a note in the Status metabox that documentation must be attached first, and don't render the Submit for Review button.
Location:
sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments
Files:
1 added
5 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/includes/payment-request.php

    r6718 r8136  
    109109            )
    110110        );
     111    }
     112
     113    /**
     114     * Get a list of statuses for which posts can be edited by non-admins.
     115     *
     116     * @return array
     117     */
     118    protected static function get_editable_statuses() {
     119        return [ 'auto-draft', 'draft', 'wcb-incomplete' ];
    111120    }
    112121
     
    231240        }
    232241
    233         $editable_statuses = array( 'auto-draft', 'draft', 'wcb-incomplete' );
     242        $editable_statuses = self::get_editable_statuses();
    234243        $current_user_can_edit_request = false;
    235244        $submit_text = esc_html_x( 'Update', 'payment request', 'wordcamporg' );
    236245        $submit_note = '';
     246        $submit_note_class = 'warning';
    237247
    238248        if ( current_user_can( 'manage_network' ) ) {
    239249            $current_user_can_edit_request = true;
    240250        } elseif ( in_array( $post->post_status, $editable_statuses ) ) {
    241             $submit_text = esc_html__( 'Submit for Review', 'wordcamporg' );
    242             $submit_note = esc_html__( 'Once submitted for review, this request can not be edited.', 'wordcamporg' );
     251            if ( WordCamp_Budgets::can_submit_request( $post ) ) {
     252                $submit_text = __( 'Submit for Review', 'wordcamporg' );
     253                $submit_note = __( 'Once submitted for review, this request cannot be edited.', 'wordcamporg' );
     254            } else {
     255                $submit_note = __( 'Please add an invoice or other supporting documentation in the Files section and save the draft.', 'wordcamporg' );
     256                $submit_note_class = 'error';
     257            }
     258
    243259            $current_user_can_edit_request = true;
    244260        }
     
    584600        // Submit for Review button was clicked.
    585601        if ( ! current_user_can( 'manage_network' ) ) {
    586             $editable_statuses = array( 'auto-draft', 'draft', 'wcb-incomplete' );
     602            $editable_statuses = self::get_editable_statuses();
    587603            if ( ! empty( $post_data_raw['wcb-update'] ) && in_array( $post_data['post_status'], $editable_statuses ) ) {
    588604                $post_data['post_status'] = 'wcb-pending-approval';
  • sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/includes/reimbursement-request.php

    r6718 r8136  
    66
    77namespace WordCamp\Budgets\Reimbursement_Requests;
     8defined( 'WPINC' ) or die();
     9
     10use WP_Post;
    811use WCP_Encryption;
    912use WordCamp\Utilities;
    10 
    11 defined( 'WPINC' ) or die();
     13use WordCamp_Budgets;
    1214
    1315const POST_TYPE = 'wcb_reimbursement';
     
    251253 * submitted yet, or if we've asked for more information.
    252254 *
    253  * @param \WP_Post $post
     255 * @param WP_Post $post
    254256 *
    255257 * @return bool
     
    263265 * Render the Status metabox
    264266 *
    265  * @param \WP_Post $post
     267 * @param WP_Post $post
    266268 */
    267269function render_status_metabox( $post ) {
     
    286288    $submit_text = esc_html_x( 'Update', 'payment request', 'wordcamporg' );
    287289    $submit_note = '';
     290    $submit_note_class = 'warning';
    288291
    289292    if ( current_user_can( 'manage_network' ) ) {
    290293        $current_user_can_edit_request = true;
    291294    } elseif ( in_array( $post->post_status, $editable_statuses ) ) {
    292         $submit_text = esc_html__( 'Submit for Review', 'wordcamporg' );
    293         $submit_note = esc_html__( 'Once submitted for review, this request can not be edited.', 'wordcamporg' );
     295        if ( WordCamp_Budgets::can_submit_request( $post ) ) {
     296            $submit_text = __( 'Submit for Review', 'wordcamporg' );
     297            $submit_note = __( 'Once submitted for review, this request cannot be edited.', 'wordcamporg' );
     298        } else {
     299            $submit_note = __( 'Please add an invoice or other supporting documentation in the Files section and save the draft.', 'wordcamporg' );
     300            $submit_note_class = 'error';
     301        }
     302
    294303        $current_user_can_edit_request = true;
    295304    }
     
    300309    $request_id         = get_current_blog_id() . '-' . $post->ID;
    301310    $requested_by       = \WordCamp_Budgets::get_requester_name( $post->post_author );
    302     $update_text        = current_user_can( 'manage_network' ) ? esc_html__( 'Update Request', 'wordcamporg' ) : esc_html__( 'Send Request', 'wordcamporg' );
    303311
    304312    require_once( dirname( __DIR__ ) . '/views/reimbursement-request/metabox-status.php' );
     
    308316 * Render the Notes metabox
    309317 *
    310  * @param \WP_Post $post
     318 * @param WP_Post $post
    311319 */
    312320function render_notes_metabox( $post ) {
     
    321329 * Render General Information Metabox
    322330 *
    323  * @param \WP_Post $post
     331 * @param WP_Post $post
    324332 *
    325333 */
     
    365373 * Render Expenses Metabox
    366374 *
    367  * @param \WP_Post $post
     375 * @param WP_Post $post
    368376 *
    369377 */
     
    440448 *
    441449 * @param int      $post_id
    442  * @param \WP_Post $post
     450 * @param WP_Post $post
    443451 */
    444452function save_request( $post_id, $post ) {
     
    465473     * user_can_edit_request() instead.
    466474     */
    467     $original_post = new \WP_Post( (object) array( 'post_status' => $_POST['original_post_status'] ) );
     475    $original_post = new WP_Post( (object) array( 'post_status' => $_POST['original_post_status'] ) );
    468476
    469477    if ( user_can_edit_request( $original_post ) ) {
     
    671679 * Validate and save expense data
    672680 *
    673  * @param \WP_Post $post
     681 * @param WP_Post $post
    674682 * @param array    $expenses
    675683 */
     
    716724 * Notify WordCamp Central or the request author when new notes are added
    717725 *
    718  * @param \WP_Post $request
     726 * @param WP_Post $request
    719727 * @param array    $note
    720728 */
     
    762770 * @param string   $new_status
    763771 * @param string   $old_status
    764  * @param \WP_Post $request
     772 * @param WP_Post $request
    765773 */
    766774function notify_organizer_request_updated( $new_status, $old_status, $request ) {
  • sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/includes/wordcamp-budgets.php

    r8106 r8136  
    26692669
    26702670    /**
     2671     * Check if a request post meets the requirements to be submitted for review.
     2672     *
     2673     * @param WP_Post $post
     2674     */
     2675    public static function can_submit_request( $post ) {
     2676        // A request must have documentation attached before it can be submitted.
     2677        $files = self::get_attached_files( $post );
     2678        if ( empty( $files ) ) {
     2679            return false;
     2680        }
     2681
     2682        return true;
     2683    }
     2684
     2685    /**
    26712686     * Get the files attached to a post
    26722687     *
  • sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/views/payment-request/metabox-status.php

    r4967 r8136  
     1<?php
     2/**
     3 * @var WP_Post             $post
     4 * @var WCP_Payment_Request $this
     5 * @var bool                $current_user_can_edit_request
     6 * @var string              $submit_text
     7 * @var string              $submit_note
     8 * @var string              $submit_note_class
     9 * @var bool                $date_vendor_paid_readonly
     10 * @var string              $incomplete_notes
     11 * @var bool                $incomplete_readonly
     12 */
     13?>
    114<div id="submitpost" class="wcb submitbox">
    215    <div id="minor-publishing">
     
    4053
    4154                            <select id="wcb_status" name="post_status">
    42                                 <?php foreach ( self::get_post_statuses() as $status ) : ?>
     55                                <?php foreach ( WCP_Payment_Request::get_post_statuses() as $status ) : ?>
    4356                                    <?php $status = get_post_status_object( $status ); ?>
    4457                                    <option value="<?php echo esc_attr( $status->name ); ?>" <?php selected( $post->post_status, $status->name ); ?> >
     
    8396    </div> <!-- #minor-publishing -->
    8497
    85 
    86     <div id="major-publishing-actions">
    87         <?php if ( $current_user_can_edit_request ) : ?>
    88 
    89             <?php if ( !empty( $submit_note ) ) : ?>
    90                 <div><?php echo $submit_note; ?></div>
    91             <?php endif; ?>
    92 
    93 
    94             <div id="delete-action">
    95                 <?php if ( current_user_can( 'delete_post', $post->ID ) ) : ?>
    96                     <a class="submitdelete deletion" href="<?php echo get_delete_post_link( $post->ID ); ?>">
    97                         <?php _e( 'Delete', 'wordcamporg' ); ?>
    98                     </a>
    99                 <?php endif; ?>
    100             </div>
    101 
    102             <div id="publishing-action">
    103                 <input name="original_publish" type="hidden" id="original_publish" value="<?php esc_attr( $submit_text ) ?>" />
    104                 <?php submit_button( $submit_text, 'primary button-large', 'wcb-update', false, array( 'accesskey' => 'p' ) ); ?>
    105             </div>
    106 
    107             <div class="clear"></div>
    108 
    109         <?php else : ?>
    110 
    111             <?php _e( 'This request can not be edited.', 'wordcamporg' ); ?>
    112 
    113         <?php endif; ?>
    114     </div> <!-- #major-publishing-actions -->
     98    <?php require dirname( __DIR__ ) . '/wordcamp-budgets/major-publishing-actions.php'; ?>
    11599
    116100</div> <!-- .submitbox -->
  • sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/views/reimbursement-request/metabox-status.php

    r4967 r8136  
    44defined( 'WPINC' ) or die();
    55
     6/**
     7 * @var \WP_Post $post
     8 * @var bool     $current_user_can_edit_request
     9 * @var string   $request_id
     10 * @var string   $requested_by
     11 * @var string   $incomplete_notes
     12 * @var bool     $incomplete_readonly
     13 * @var string   $submit_text
     14 * @var string   $submit_note
     15 * @var string   $submit_note_class
     16 */
    617?>
    718
     
    8596    </div> <!-- #minor-publishing -->
    8697
    87 
    88     <div id="major-publishing-actions">
    89         <?php if ( $current_user_can_edit_request ) : ?>
    90             <?php if ( !empty( $submit_note ) ) : ?>
    91                 <div><?php echo $submit_note; ?></div>
    92             <?php endif; ?>
    93 
    94             <div id="delete-action">
    95                 <?php if ( current_user_can( 'delete_post', $post->ID ) ) : ?>
    96                     <a class="submitdelete deletion" href="<?php echo get_delete_post_link( $post->ID ); ?>">
    97                         <?php _e( 'Delete', 'wordcamporg' ); ?>
    98                     </a>
    99                 <?php endif; ?>
    100             </div>
    101 
    102             <div id="publishing-action">
    103                 <input name="original_publish" type="hidden" id="original_publish" value="<?php esc_attr( $submit_text ) ?>" />
    104                 <?php submit_button( $submit_text, 'primary button-large', 'wcb-update', false, array( 'accesskey' => 'p' ) ); ?>
    105             </div>
    106 
    107             <div class="clear"></div>
    108 
    109         <?php else : ?>
    110 
    111             <?php _e( 'This request can not be edited.', 'wordcamporg' ); ?>
    112 
    113         <?php endif; ?>
    114     </div> <!-- #major-publishing-actions -->
     98    <?php require dirname( __DIR__ ) . '/wordcamp-budgets/major-publishing-actions.php'; ?>
    11599
    116100</div> <!-- .submitbox -->
Note: See TracChangeset for help on using the changeset viewer.