/**
* Show admin notice about purchase code and license.
*/
public function showAdminNotice()
{
if (AB_Utils::isCurrentUserAdmin() && !get_user_meta(get_current_user_id(), 'ab_dismiss_admin_notice', true) && get_option('ab_envato_purchase_code') == '' && time() > get_option('ab_installation_time') + 604800) {
$this->render('admin_notice');
}
}
</span>)
<?php
} else {
?>
<?php
_e('Profile', 'bookly');
?>
<?php
}
?>
</h3>
</div>
<div class="panel-body">
<div class="row">
<div id="ab-staff" class="ab-left-bar col-md-3 col-sm-3 col-xs-12 col-lg-3"<?php
if (!AB_Utils::isCurrentUserAdmin()) {
?>
style="display: none" <?php
}
?>
>
<ul id="ab-staff-list">
<?php
if ($staff_members) {
?>
<?php
foreach ($staff_members as $staff) {
?>
<li class="ab-staff-member" id="ab-list-staff-<?php
echo $staff['id'];
?>
/**
* Extend parent method to control access on staff member level.
*
* @param string $action
* @return bool
*/
protected function hasAccess($action)
{
if (parent::hasAccess($action)) {
if (!AB_Utils::isCurrentUserAdmin()) {
$staff = new AB_Staff();
switch ($action) {
case 'executeEditStaff':
case 'executeDeleteStaffAvatar':
case 'executeStaffServices':
case 'executeStaffSchedule':
case 'executeStaffHolidays':
$staff->load($this->getParameter('id'));
break;
case 'executeStaffServicesUpdate':
case 'executeStaffHolidaysUpdate':
$staff->load($this->getParameter('staff_id'));
break;
case 'executeStaffScheduleHandleBreak':
$staffScheduleItem = new AB_StaffScheduleItem();
$staffScheduleItem->load($this->getParameter('staff_schedule_item_id'));
$staff->load($staffScheduleItem->get('staff_id'));
break;
case 'executeDeleteStaffScheduleBreak':
$break = new AB_ScheduleItemBreak();
$break->load($this->getParameter('id'));
$staffScheduleItem = new AB_StaffScheduleItem();
$staffScheduleItem->load($break->get('staff_schedule_item_id'));
$staff->load($staffScheduleItem->get('staff_id'));
break;
case 'executeStaffScheduleUpdate':
if ($this->hasParameter('days')) {
foreach ($this->getParameter('days') as $id => $day_index) {
$staffScheduleItem = new AB_StaffScheduleItem();
$staffScheduleItem->load($id);
$staff = new AB_Staff();
$staff->load($staffScheduleItem->get('staff_id'));
if ($staff->get('wp_user_id') != get_current_user_id()) {
return false;
}
}
}
break;
default:
return false;
}
return $staff->get('wp_user_id') == get_current_user_id();
}
return true;
}
return false;
}
/**
* Get data needed for appointment form initialisation.
*/
public function executeGetDataForAppointmentForm()
{
$result = array('staff' => array(), 'customers' => array(), 'custom_fields' => array(), 'time' => array(), 'time_interval' => get_option('ab_settings_time_slot_length') * 60);
// Staff list.
$staff_members = AB_Utils::isCurrentUserAdmin() ? AB_Staff::query()->sortBy('position')->find() : AB_Staff::query()->where('wp_user_id', get_current_user_id())->find();
/** @var AB_Staff $staff_member */
foreach ($staff_members as $staff_member) {
$services = array();
foreach ($staff_member->getStaffServices() as $staff_service) {
$services[] = array('id' => $staff_service->service->get('id'), 'title' => sprintf('%s (%s)', $staff_service->service->get('title'), AB_Service::durationToString($staff_service->service->get('duration'))), 'duration' => $staff_service->service->get('duration'), 'capacity' => $staff_service->get('capacity'));
}
$result['staff'][] = array('id' => $staff_member->get('id'), 'full_name' => $staff_member->get('full_name'), 'services' => $services);
}
// Customers list.
foreach (AB_Customer::query()->sortBy('name')->find() as $customer) {
$name = $customer->get('name');
if ($customer->get('email') != '' || $customer->get('phone') != '') {
$name .= ' (' . trim($customer->get('email') . ', ' . $customer->get('phone'), ', ') . ')';
}
$result['customers'][] = array('id' => $customer->get('id'), 'name' => $name, 'custom_fields' => array(), 'number_of_persons' => 1);
}
// Time list.
$ts_length = AB_BookingConfiguration::getTimeSlotLength();
$time_start = AB_StaffScheduleItem::WORKING_START_TIME;
$time_end = AB_StaffScheduleItem::WORKING_END_TIME;
// Run the loop.
while ($time_start <= $time_end) {
$result['time'][] = array('value' => AB_DateTimeUtils::buildTimeString($time_start, false), 'title' => AB_DateTimeUtils::formatTime($time_start));
$time_start += $ts_length;
}
wp_send_json($result);
}
/**
* Check if the current user has access to the action.
*
* Default access (if is not set with annotation for the controller or action) is "admin"
* Access type:
* "admin" - check if the current user is super admin
* "user" - check if the current user is authenticated
* "anonymous" - anonymous user
*
* @param string $action
* @return bool
*/
protected function hasAccess($action)
{
$permissions = $this->getPermissions();
$security = isset($permissions[$action]) ? $permissions[$action] : null;
if (is_null($security)) {
// Check if controller class has permission
$security = isset($permissions['_this']) ? $permissions['_this'] : null;
if (is_null($security)) {
$security = 'admin';
}
}
switch ($security) {
case 'admin':
return AB_Utils::isCurrentUserAdmin();
case 'user':
return is_user_logged_in();
case 'anonymous':
return true;
}
return false;
}
