/**
  * Show admin notice about purchase code and license.
  */
 public function showAdminNotice()
 {
     // Grace period after installation before the reminder appears: 7 days in seconds.
     $grace_period = 604800;

     // The licence reminder is only ever rendered for administrators.
     if (!AB_Utils::isCurrentUserAdmin()) {
         return;
     }
     // A per-user meta flag records that this user dismissed the notice.
     if (get_user_meta(get_current_user_id(), 'ab_dismiss_admin_notice', true)) {
         return;
     }
     // Loose comparison on purpose: a missing option (false) counts as "no purchase code".
     if (!(get_option('ab_envato_purchase_code') == '')) {
         return;
     }
     // Stay silent until the grace period has elapsed.
     if (!(time() > get_option('ab_installation_time') + $grace_period)) {
         return;
     }
     $this->render('admin_notice');
 }
Exemple #2
</span>)
            <?php 
} else {
    ?>
                <?php 
    _e('Profile', 'bookly');
    ?>
            <?php 
}
?>
        </h3>
    </div>
    <div class="panel-body">
        <div class="row">
            <div id="ab-staff" class="ab-left-bar col-md-3 col-sm-3 col-xs-12 col-lg-3"<?php 
if (!AB_Utils::isCurrentUserAdmin()) {
    ?>
 style="display: none" <?php 
}
?>
>
                <ul id="ab-staff-list">
                    <?php 
if ($staff_members) {
    ?>
                        <?php 
    foreach ($staff_members as $staff) {
        ?>
                            <li class="ab-staff-member" id="ab-list-staff-<?php 
        echo $staff['id'];
        ?>
 /**
  * Extend parent method to control access on staff member level.
  *
  * @param string $action
  * @return bool
  */
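 protected function hasAccess($action)
 {
     // The parent decides first, using the permission level configured for the action.
     if (!parent::hasAccess($action)) {
         return false;
     }
     // Administrators may act on any staff member.
     if (AB_Utils::isCurrentUserAdmin()) {
         return true;
     }

     // Everything below is an ownership check, so it needs an authenticated user.
     // get_current_user_id() is 0 when nobody is logged in; with the former loose
     // "==" comparison that 0 matched a staff record whose wp_user_id is empty or
     // was never loaded. Fail closed instead.
     $current_user_id = (int) get_current_user_id();
     if ($current_user_id === 0) {
         return false;
     }

     $staff = new AB_Staff();
     switch ($action) {
         // Actions that carry the staff id directly in "id".
         case 'executeEditStaff':
         case 'executeDeleteStaffAvatar':
         case 'executeStaffServices':
         case 'executeStaffSchedule':
         case 'executeStaffHolidays':
             $staff->load($this->getParameter('id'));
             break;
         // Actions that carry the staff id in "staff_id".
         case 'executeStaffServicesUpdate':
         case 'executeStaffHolidaysUpdate':
             $staff->load($this->getParameter('staff_id'));
             break;
         // Resolve the owning staff member through the schedule item.
         case 'executeStaffScheduleHandleBreak':
             $staffScheduleItem = new AB_StaffScheduleItem();
             $staffScheduleItem->load($this->getParameter('staff_schedule_item_id'));
             $staff->load($staffScheduleItem->get('staff_id'));
             break;
         // Resolve break -> schedule item -> staff member.
         case 'executeDeleteStaffScheduleBreak':
             $break = new AB_ScheduleItemBreak();
             $break->load($this->getParameter('id'));
             $staffScheduleItem = new AB_StaffScheduleItem();
             $staffScheduleItem->load($break->get('staff_schedule_item_id'));
             $staff->load($staffScheduleItem->get('staff_id'));
             break;
         case 'executeStaffScheduleUpdate':
             // Every schedule item named in "days" must belong to the current user.
             // NOTE(review): only the ids keyed in "days" are authorised here; confirm
             // the action itself does not act on any other identifier.
             if ($this->hasParameter('days')) {
                 $days = $this->getParameter('days');
                 if (!is_array($days)) {
                     // Malformed parameter: nothing can be verified, so deny.
                     return false;
                 }
                 foreach ($days as $id => $day_index) {
                     $staffScheduleItem = new AB_StaffScheduleItem();
                     $staffScheduleItem->load($id);
                     $staff = new AB_Staff();
                     $staff->load($staffScheduleItem->get('staff_id'));
                     if ((int) $staff->get('wp_user_id') !== $current_user_id) {
                         return false;
                     }
                 }
             }
             break;
         // Any action not listed above is denied for non-admins.
         default:
             return false;
     }

     // Integer comparison: a staff record without a linked WordPress user casts to 0,
     // which can never equal the (non-zero) current user id.
     // NOTE(review): the load() results are not checked; presumably a failed load
     // leaves wp_user_id empty, which this comparison rejects - confirm.
     return (int) $staff->get('wp_user_id') === $current_user_id;
 }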
 /**
  * Get data needed for appointment form initialisation.
  */
 public function executeGetDataForAppointmentForm()
 {
     // Response skeleton; the key order is the order in which the JSON is emitted.
     $result = array(
         'staff' => array(),
         'customers' => array(),
         'custom_fields' => array(),
         'time' => array(),
         'time_interval' => get_option('ab_settings_time_slot_length') * 60,
     );

     // Staff list: administrators receive every staff member sorted by position,
     // any other caller only the staff record(s) linked to their own WordPress user.
     if (AB_Utils::isCurrentUserAdmin()) {
         $staff_members = AB_Staff::query()->sortBy('position')->find();
     } else {
         $staff_members = AB_Staff::query()->where('wp_user_id', get_current_user_id())->find();
     }
     /** @var AB_Staff $staff_member */
     foreach ($staff_members as $staff_member) {
         $services = array();
         foreach ($staff_member->getStaffServices() as $staff_service) {
             $service = $staff_service->service;
             $duration = $service->get('duration');
             $services[] = array(
                 'id' => $service->get('id'),
                 'title' => sprintf('%s (%s)', $service->get('title'), AB_Service::durationToString($duration)),
                 'duration' => $duration,
                 'capacity' => $staff_service->get('capacity'),
             );
         }
         $result['staff'][] = array(
             'id' => $staff_member->get('id'),
             'full_name' => $staff_member->get('full_name'),
             'services' => $services,
         );
     }

     // Customers list, sorted by name. The label is the name followed by whichever
     // of e-mail / phone is present, in parentheses.
     // NOTE(review): unlike the staff list, this query is not narrowed for non-admin
     // callers, so every customer's name, e-mail and phone is returned - confirm that
     // matches the access level configured for this action.
     foreach (AB_Customer::query()->sortBy('name')->find() as $customer) {
         $email = $customer->get('email');
         $phone = $customer->get('phone');
         $label = $customer->get('name');
         if ($email != '' || $phone != '') {
             $label .= ' (' . trim($email . ', ' . $phone, ', ') . ')';
         }
         $result['customers'][] = array(
             'id' => $customer->get('id'),
             'name' => $label,
             'custom_fields' => array(),
             'number_of_persons' => 1,
         );
     }

     // Time list: one entry per slot from working start to working end, inclusive.
     // Assumes getTimeSlotLength() returns a positive step - TODO confirm; a step of
     // zero would keep this loop from ever terminating.
     $step = AB_BookingConfiguration::getTimeSlotLength();
     $last_slot = AB_StaffScheduleItem::WORKING_END_TIME;
     for ($slot = AB_StaffScheduleItem::WORKING_START_TIME; $slot <= $last_slot; $slot += $step) {
         $result['time'][] = array(
             'value' => AB_DateTimeUtils::buildTimeString($slot, false),
             'title' => AB_DateTimeUtils::formatTime($slot),
         );
     }

     // Values are sent as raw JSON; escaping for HTML is left to whatever renders them.
     wp_send_json($result);
 }
Exemple #5
 /**
  * Check if the current user has access to the action.
  *
  * Default access (if it is not set with an annotation for the controller or action) is "admin"
  * Access type:
  *  "admin"     - check if the current user is super admin
  *  "user"      - check if the current user is authenticated
  *  "anonymous" - anonymous user
  *
  * @param string $action
  * @return bool
  */
 protected function hasAccess($action)
 {
     $permissions = $this->getPermissions();

     // Resolution order: the action's own entry, then the controller-wide "_this"
     // entry, and finally the most restrictive level, "admin".
     $security = 'admin';
     foreach (array($action, '_this') as $key) {
         if (isset($permissions[$key])) {
             $security = $permissions[$key];
             break;
         }
     }

     // Loose comparisons mirror switch semantics.
     if ($security == 'admin') {
         return AB_Utils::isCurrentUserAdmin();
     }
     if ($security == 'user') {
         return is_user_logged_in();
     }
     // "anonymous" admits everyone; any unrecognised level is denied.
     return $security == 'anonymous';
 }