<?php
namespace RealPress\Controllers;
use RealPress\Helpers\Fields\FileUpload;
use RealPress\Helpers\Fields\Number;
use RealPress\Helpers\Validation;
use RealPress\Models\UserModel;
use RealPress\Helpers\RestApi;
use WP_REST_Request;
use WP_User_Query;
use RealPress\Helpers\Template;
use RealPress\Helpers\Settings;
use WP_REST_Server;
use RealPress\Helpers\Config;
/**
* Class UserController
* @package RealPress\Controllers
*/
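class UserController {

    /**
     * UserController constructor.
     *
     * Registers every WordPress hook this controller handles. The hooked
     * methods are public because WordPress invokes them by name.
     */
    public function __construct() {
        add_filter( 'get_avatar', [ $this, 'change_user_avatar' ], 10, 5 );
        add_action( 'init', [ $this, 'create_new_user_role' ] );
        // Subscriber and Agent media capability: edit/delete is limited to their own attachments.
        add_filter( 'user_has_cap', [ $this, 'media_access' ], 10, 4 );
        add_filter( 'ajax_query_attachments_args', [ $this, 'allow_display_own_attachments' ] );
        add_action( 'admin_menu', [ $this, 'remove_media_tab' ] );
        add_action( 'admin_bar_menu', [ $this, 'remove_media_bar_menu' ], 999 );
        add_action( 'admin_init', [ $this, 'prevent_to_access_media_pages' ] );
        // Allow Agent to access wp-admin when WooCommerce is installed.
        add_filter( 'woocommerce_disable_admin_bar', [ $this, 'prevent_admin_bar' ], 10, 1 );
        add_filter( 'woocommerce_prevent_admin_access', [ $this, 'prevent_admin_access' ], 10, 1 );
        // REST API.
        add_action( 'rest_api_init', [ $this, 'register_rest_routes' ] );
    }

    /**
     * Keep the admin bar for users who can manage properties (Agents).
     *
     * Hooked to `woocommerce_disable_admin_bar`; every other user keeps the
     * value WooCommerce passed in.
     *
     * @param mixed $prevent_admin_bar Whether WooCommerce wants to disable the admin bar.
     *
     * @return false|mixed `false` for property managers, the incoming value otherwise.
     */
    public function prevent_admin_bar( $prevent_admin_bar ) {
        return $this->can_manage_properties() ? false : $prevent_admin_bar;
    }

    /**
     * Keep wp-admin reachable for users who can manage properties (Agents).
     *
     * Hooked to `woocommerce_prevent_admin_access`; every other user keeps the
     * value WooCommerce passed in.
     *
     * @param mixed $prevent_admin_access Whether WooCommerce wants to block wp-admin.
     *
     * @return false|mixed `false` for property managers, the incoming value otherwise.
     */
    public function prevent_admin_access( $prevent_admin_access ) {
        return $this->can_manage_properties() ? false : $prevent_admin_access;
    }

    /**
     * Whether the current user holds the property-editing capability that
     * identifies an Agent (administrators are granted it in create_new_user_role()).
     */
    private function can_manage_properties(): bool {
        return current_user_can( 'edit_realpress-properties' );
    }

    /**
     * Register the REST routes served by this controller.
     *
     * The agent listing is public; the three `/user/*` routes require a
     * logged-in user and only ever act on that user's own account.
     *
     * @return void
     */
    public function register_rest_routes(): void {
        do_action( 'realpress/rest-api/before-register' );

        $namespace = RestApi::generate_namespace();
        $logged_in = static function (): bool {
            return is_user_logged_in();
        };

        register_rest_route(
            $namespace,
            '/agents',
            [
                'methods'             => WP_REST_Server::READABLE,
                'callback'            => [ $this, 'get_agents' ],
                'args'                => [
                    // `number` is what get_agents() reads; `posts_per_page` stays registered for older clients.
                    'number'         => [
                        'required'    => false,
                        'type'        => 'integer',
                        'minimum'     => 1,
                        'description' => 'The number of agents per page must be a positive integer',
                    ],
                    'posts_per_page' => [
                        'required'    => false,
                        'type'        => 'integer',
                        'description' => 'The posts per page must be an integer',
                    ],
                    'page'           => [
                        'required'    => false,
                        'type'        => 'integer',
                        'minimum'     => 1,
                        'description' => 'The page must be an integer',
                    ],
                    'display_name'   => [
                        'required'          => false,
                        'type'              => 'string',
                        'sanitize_callback' => 'sanitize_text_field',
                    ],
                    'company_name'   => [
                        'required'          => false,
                        'type'              => 'string',
                        'sanitize_callback' => 'sanitize_text_field',
                    ],
                ],
                'permission_callback' => '__return_true',
            ]
        );
        register_rest_route(
            $namespace,
            '/user/update-data',
            [
                'methods'             => WP_REST_Server::EDITABLE,
                'callback'            => [ $this, 'update_user_data' ],
                'permission_callback' => $logged_in,
            ]
        );
        register_rest_route(
            $namespace,
            '/user/change-avatar',
            [
                'methods'             => WP_REST_Server::EDITABLE,
                'callback'            => [ $this, 'change_avatar' ],
                'permission_callback' => $logged_in,
            ]
        );
        register_rest_route(
            $namespace,
            '/user/change-password',
            [
                'methods'             => WP_REST_Server::EDITABLE,
                'callback'            => [ $this, 'change_password' ],
                'permission_callback' => $logged_in,
            ]
        );
    }

    /**
     * GET /agents: render a paginated list of Agent users.
     *
     * Accepted parameters: `number` (or legacy `posts_per_page`), `page`,
     * `orderby`, `order`, `display_name` (wildcard search) and `company_name`
     * (meta LIKE search).
     *
     * @param WP_REST_Request $request
     *
     * @return \WP_REST_Response
     */
    public function get_agents( WP_REST_Request $request ) {
        $params = $request->get_params();

        $per_page = (int) ( $params['number'] ?? $params['posts_per_page'] ?? Settings::get_agent_per_page() );
        $args     = [
            // Clamped to >= 1: `number` is the divisor in the pagination maths below.
            'number'  => max( 1, $per_page ),
            'paged'   => max( 1, (int) ( $params['page'] ?? 1 ) ),
            'orderby' => $params['orderby'] ?? 'display_name',
            'order'   => $params['order'] ?? 'asc',
            'role'    => REALPRESS_AGENT_ROLE,
        ];

        // Search: WP_User_Query treats leading/trailing `*` as wildcards and escapes the term itself.
        if ( isset( $params['display_name'] ) ) {
            $args['search']         = '*' . $params['display_name'] . '*';
            $args['search_columns'] = [ 'display_name' ];
        }
        if ( isset( $params['company_name'] ) ) {
            $args['meta_query'][] = [
                'key'     => REALPRESS_PREFIX . '_user_profile:fields:company_name',
                'value'   => $params['company_name'],
                'compare' => 'LIKE',
            ];
        }
        if ( ! empty( $args['meta_query'] ) ) {
            $args['meta_query']['relation'] = 'AND';
        }

        $query  = new WP_User_Query( $args );
        $agents = $query->get_results();
        // Checked before ob_start() so the empty case does not leave an output buffer open.
        if ( empty( $agents ) ) {
            return RestApi::success( esc_html__( 'No Agent found.', 'realpress' ), [] );
        }

        $template = Template::instance();
        ob_start();
        foreach ( $agents as $agent ) {
            $template->get_frontend_template_type_classic(
                apply_filters( 'realpress/filter/agent-list/agent-item', 'agent-list/section/content/agent-item.php' ),
                [ 'data' => UserModel::get_agent_data( $agent->ID ) ]
            );
        }
        $data = [ 'content' => ob_get_clean() ];

        $total = (int) $query->get_total();
        RestApi::add_pagination_data(
            $data,
            [
                'paged'         => $args['paged'],
                'total'         => $total,
                'max_pages'     => (int) ceil( $total / $args['number'] ),
                'item_per_page' => $args['number'],
                'type'          => 'agent',
            ]
        );

        return RestApi::success( '', $data );
    }

    /**
     * `get_avatar` filter: replace the avatar with the profile picture stored
     * in the user's RealPress metadata, when one is set.
     *
     * @param string $avatar      Avatar markup built by WordPress.
     * @param mixed  $id_or_email User ID, e-mail address, or a WP_User/WP_Post/WP_Comment object.
     * @param mixed  $size        Avatar size in pixels.
     * @param mixed  $default     Unused; kept for the filter signature.
     * @param mixed  $alt         Alternative text for the image.
     *
     * @return mixed|string The custom `<img>` markup, or `$avatar` unchanged.
     */
    public function change_user_avatar( $avatar, $id_or_email, $size, $default, $alt ) {
        $user_id = $this->resolve_avatar_user_id( $id_or_email );
        if ( $user_id <= 0 ) {
            return $avatar;
        }

        $meta_data = UserModel::get_user_meta_data( $user_id );
        $url       = $meta_data['user_profile:fields:profile_picture']['image_url'] ?? '';
        if ( empty( $url ) ) {
            return $avatar;
        }

        // Every interpolated value is escaped for the attribute context it lands in.
        $size = (int) $size;
        return sprintf(
            "<img alt='%s' src='%s' class='avatar avatar-%d photo' height='%d' width='%d' />",
            esc_attr( $alt ),
            esc_url( $url ),
            $size,
            $size,
            $size
        );
    }

    /**
     * Resolve the user ID behind a `get_avatar` identifier.
     *
     * Handles the shapes WordPress passes to the filter: a numeric user ID, an
     * e-mail address, or an object (WP_User, WP_Post, or a comment-like object
     * carrying `user_id`).
     *
     * @param mixed $id_or_email
     *
     * @return int 0 when no user can be resolved.
     */
    private function resolve_avatar_user_id( $id_or_email ): int {
        if ( $id_or_email instanceof \WP_User ) {
            return (int) $id_or_email->ID;
        }
        if ( $id_or_email instanceof \WP_Post ) {
            return (int) $id_or_email->post_author;
        }
        if ( is_object( $id_or_email ) ) {
            return empty( $id_or_email->user_id ) ? 0 : (int) $id_or_email->user_id;
        }
        if ( is_numeric( $id_or_email ) ) {
            return (int) $id_or_email;
        }
        if ( is_string( $id_or_email ) && '' !== $id_or_email ) {
            $user = get_user_by( 'email', $id_or_email );
            return $user instanceof \WP_User ? (int) $user->ID : 0;
        }
        return 0;
    }

    /**
     * Create the Agent role and grant property capabilities to the built-in
     * roles. Runs on every `init`; each grant is skipped when already present.
     *
     * Agents may publish properties directly only while the "property review"
     * setting is off.
     *
     * @return void
     */
    public function create_new_user_role(): void {
        // add_role() returns null without changing anything when the role already exists.
        add_role(
            REALPRESS_AGENT_ROLE,
            esc_html__( 'Agent', 'realpress' ),
            [
                'read'                                  => true,
                'edit_realpress-properties'             => true,
                'read_private_realpress-properties'     => true,
                'delete_realpress-properties'           => true,
                'delete_private_realpress-properties'   => true,
                'delete_published_realpress-properties' => true,
                'edit_private_realpress-properties'     => true,
                'edit_published_realpress-properties'   => true,
                'upload_files'                          => true,
            ]
        );

        $role = get_role( REALPRESS_AGENT_ROLE );
        if ( $role instanceof \WP_Role ) {
            $property_review_enable = Settings::get_setting_detail( 'group:property:fields:property_review' );
            if ( 'on' === $property_review_enable ) {
                $this->revoke_cap( $role, 'publish_realpress-properties' );
            } else {
                $this->grant_cap( $role, 'publish_realpress-properties' );
            }
        }

        $property_caps = [
            'edit_realpress-properties',
            'edit_others_realpress-properties',
            'edit_published_realpress-properties',
            'publish_realpress-properties',
            'delete_realpress-properties',
            'delete_others_realpress-properties',
            'delete_published_realpress-properties',
            'delete_private_realpress-properties',
            'edit_private_realpress-properties',
            'read_private_realpress-properties',
        ];
        $admin_role = get_role( 'administrator' );
        if ( $admin_role instanceof \WP_Role ) {
            foreach ( $property_caps as $cap ) {
                $this->grant_cap( $admin_role, $cap );
            }
        }

        // get_role() returns null when a site has removed the built-in role.
        $subscriber_role = get_role( 'subscriber' );
        if ( $subscriber_role instanceof \WP_Role ) {
            $this->grant_cap( $subscriber_role, 'upload_files' );
        }
    }

    /**
     * Grant a capability to a role unless it already holds it.
     */
    private function grant_cap( \WP_Role $role, string $cap ): void {
        if ( ! $role->has_cap( $cap ) ) {
            $role->add_cap( $cap );
        }
    }

    /**
     * Remove a capability from a role if it currently holds it.
     */
    private function revoke_cap( \WP_Role $role, string $cap ): void {
        if ( $role->has_cap( $cap ) ) {
            $role->remove_cap( $cap );
        }
    }

    /**
     * `user_has_cap` filter: let Agents and Subscribers edit/delete the
     * attachments they authored, and nothing else.
     *
     * The role test reads `$user->roles`; the previous loose `in_array()` over
     * `$user->caps` matched any user with a `true` capability.
     *
     * @param array    $allcaps All capabilities of the user.
     * @param array    $caps    Primitive capabilities being checked.
     * @param array    $args    [0] requested cap, [1] user ID, [2] object (post) ID.
     * @param \WP_User $user    The user being checked.
     *
     * @return array
     */
    public function media_access( $allcaps, $caps, $args, $user ) {
        $roles = (array) ( $user->roles ?? [] );
        if ( ! in_array( REALPRESS_AGENT_ROLE, $roles, true ) && ! in_array( 'subscriber', $roles, true ) ) {
            return $allcaps;
        }
        // Without an object ID there is no attachment to own; without a primitive cap nothing to grant.
        if ( empty( $args[2] ) || empty( $caps[0] ) ) {
            return $allcaps;
        }
        $post = get_post( $args[2] );
        if ( ! $post instanceof \WP_Post || 'attachment' !== $post->post_type ) {
            return $allcaps;
        }
        // Only the attachment's own author is granted the extra capability.
        if ( (int) get_post_field( 'post_author', $post->ID ) !== (int) $user->ID ) {
            return $allcaps;
        }
        $allcaps[ $caps[0] ] = true;

        return $allcaps;
    }

    /**
     * Whether the current user is an Agent or Subscriber whose media access is
     * limited to their own uploads. Administrators are never restricted.
     */
    private function current_user_is_media_restricted(): bool {
        if ( current_user_can( 'administrator' ) ) {
            return false;
        }
        $roles = (array) wp_get_current_user()->roles;

        return in_array( REALPRESS_AGENT_ROLE, $roles, true ) || current_user_can( 'subscriber' );
    }

    /**
     * `ajax_query_attachments_args` filter: restricted users only see their own media.
     *
     * @param array $query Attachment query args.
     *
     * @return array
     */
    public function allow_display_own_attachments( $query ) {
        if ( $this->current_user_is_media_restricted() ) {
            $query['author'] = get_current_user_id();
        }

        return $query;
    }

    /**
     * Remove the Media admin menu for restricted users.
     *
     * @return void
     */
    public function remove_media_tab(): void {
        if ( $this->current_user_is_media_restricted() ) {
            remove_menu_page( 'upload.php' );
        }
    }

    /**
     * Remove the "New > Media" admin-bar node for restricted users.
     *
     * @param \WP_Admin_Bar|null $wp_admin_bar Passed by the `admin_bar_menu` action; falls back to the global.
     *
     * @return void
     */
    public function remove_media_bar_menu( $wp_admin_bar = null ): void {
        if ( ! $this->current_user_is_media_restricted() ) {
            return;
        }
        if ( ! $wp_admin_bar instanceof \WP_Admin_Bar ) {
            $wp_admin_bar = $GLOBALS['wp_admin_bar'] ?? null;
        }
        if ( $wp_admin_bar instanceof \WP_Admin_Bar ) {
            $wp_admin_bar->remove_node( 'new-media' );
        }
    }

    /**
     * Block restricted users from the media library admin pages, since the
     * menu removal above only hides the links.
     *
     * @return void
     */
    public function prevent_to_access_media_pages(): void {
        global $pagenow;
        if ( ! in_array( $pagenow, [ 'upload.php', 'media-new.php' ], true ) ) {
            return;
        }
        if ( $this->current_user_is_media_restricted() ) {
            wp_die(
                esc_html__( 'Sorry, you are not allowed to access this page.', 'realpress' ),
                '',
                [ 'response' => 403 ]
            );
        }
    }

    /**
     * POST /user/update-data: update the current user's core fields and the
     * agent-profile / social-network metadata fields present in the request.
     *
     * Every write targets get_current_user_id(); the request cannot name
     * another user.
     *
     * @param WP_REST_Request $request
     *
     * @return \WP_REST_Response
     */
    public function update_user_data( WP_REST_Request $request ) {
        $params = $request->get_params();
        $email  = isset( $params['email'] ) ? (string) $params['email'] : '';
        if ( '' !== $email && ! is_email( $email ) ) {
            return RestApi::error( esc_html__( 'The email is invalid.', 'realpress' ), 400 );
        }

        $user_data = [
            'ID'           => get_current_user_id(),
            'first_name'   => $this->sanitized_param( $params, 'firstname' ),
            'last_name'    => $this->sanitized_param( $params, 'lastname' ),
            'display_name' => $this->sanitized_param( $params, 'displayname' ),
            'description'  => $this->sanitized_param( $params, 'biographical-info', 'textarea' ),
        ];
        // Never blank the account e-mail: it is only written when a valid one was supplied.
        if ( '' !== $email ) {
            $user_data['user_email'] = Validation::sanitize_params_submitted( $email );
        }

        $user_id = wp_update_user( $user_data );
        if ( is_wp_error( $user_id ) ) {
            // WP_Error codes are strings such as 'existing_user_email', not HTTP statuses.
            return RestApi::error( $user_id->get_error_message(), 400 );
        }

        $user_metadata = UserModel::get_user_meta_data( $user_id );
        $new_metadata  = $user_metadata;
        foreach ( $params as $key => $value ) {
            $name = $this->resolve_profile_field_name( (string) $key, $user_metadata );
            if ( '' === $name ) {
                continue;
            }
            $new_metadata[ $name ] = $this->store_profile_field( $user_id, $name, $value );
        }
        update_user_meta( $user_id, REALPRESS_USER_META_KEY, $new_metadata );

        $data = $this->can_manage_properties()
            ? UserModel::get_agent_data( $user_id )
            : UserModel::get_subscriber_data( $user_id );
        ob_start();
        do_action( 'realpress/layout/my-account/profile/inner-info', $data );
        $profile = ob_get_clean();

        return RestApi::success(
            esc_html__( 'Updated!', 'realpress' ),
            [
                'user_id' => $user_id,
                'profile' => $profile,
            ]
        );
    }

    /**
     * Read a request parameter through the project sanitizer; empty values
     * collapse to ''. When `$type` is null the sanitizer's own default applies.
     *
     * @param array       $params
     * @param string      $key
     * @param string|null $type Sanitizer profile, e.g. 'textarea'.
     *
     * @return mixed Sanitized value or ''.
     */
    private function sanitized_param( array $params, string $key, ?string $type = null ) {
        if ( empty( $params[ $key ] ) ) {
            return '';
        }

        return null === $type
            ? Validation::sanitize_params_submitted( $params[ $key ] )
            : Validation::sanitize_params_submitted( $params[ $key ], $type );
    }

    /**
     * Map a request parameter name onto the metadata key it updates
     * ('user_profile:fields:<key>' or 'social_network:fields:<key>', dashes
     * becoming underscores). Only keys already present in the stored metadata
     * are accepted, so the request cannot introduce new keys.
     *
     * @param string $key
     * @param mixed  $user_metadata Stored metadata array (anything else yields '').
     *
     * @return string The metadata key, or '' when the parameter is not a profile field.
     */
    private function resolve_profile_field_name( string $key, $user_metadata ): string {
        if ( ! is_array( $user_metadata ) ) {
            return '';
        }
        $suffix = ':fields:' . str_replace( '-', '_', $key );
        foreach ( [ 'user_profile', 'social_network' ] as $group ) {
            if ( isset( $user_metadata[ $group . $suffix ] ) ) {
                return $group . $suffix;
            }
        }

        return '';
    }

    /**
     * Agent-profile field definition from the plugin config, or [] when the
     * config has no entry, so callers can rely on `??` defaults.
     */
    private function get_profile_field( string $name ): array {
        $field = Config::instance()->get( 'agent-profile:' . $name );

        return is_array( $field ) ? $field : [];
    }

    /**
     * Validate, sanitize and (for fields flagged `is_single_key`) persist one
     * profile field under its own meta key.
     *
     * @param int    $user_id
     * @param string $name  Metadata key, e.g. 'user_profile:fields:company_name'.
     * @param mixed  $value Raw submitted value.
     *
     * @return mixed The sanitized value to store in the aggregated metadata array.
     */
    private function store_profile_field( int $user_id, string $name, $value ) {
        $field = $this->get_profile_field( $name );
        $type  = $field['type'] ?? null;
        if ( ! empty( $value ) ) {
            if ( $type instanceof FileUpload ) {
                $value = Validation::validate_file_upload( $value, $field, $user_id );
            }
            if ( $type instanceof Number ) {
                $value = Validation::validate_number( $value, $field );
            }
        }
        $value = Validation::sanitize_params_submitted( $value, $field['sanitize'] ?? 'text' );
        if ( ! empty( $field['is_single_key'] ) ) {
            update_user_meta( $user_id, REALPRESS_PREFIX . '_' . $name, $value );
        }

        return $value;
    }

    /**
     * POST /user/change-avatar: set (or, with an empty `image_id`, clear) the
     * current user's profile picture.
     *
     * @param WP_REST_Request $request
     *
     * @return \WP_REST_Response
     */
    public function change_avatar( WP_REST_Request $request ) {
        $params   = $request->get_params();
        $image_id = $params['image_id'] ?? ''; // a missing key previously raised an undefined-index notice
        $user_id  = get_current_user_id();
        $name     = 'user_profile:fields:profile_picture';
        $field    = $this->get_profile_field( $name );

        $value = '';
        if ( ! empty( $image_id ) ) {
            // validate_file_upload() returns an empty value when it rejects the upload.
            $value = Validation::validate_file_upload( $image_id, $field, $user_id );
            if ( empty( $value ) ) {
                return RestApi::error( esc_html__( 'The image is invalid.', 'realpress' ), 400 );
            }
        }
        $value = Validation::sanitize_params_submitted( $value, $field['sanitize'] ?? 'text' );

        $user_metadata          = UserModel::get_user_meta_data( $user_id );
        $user_metadata[ $name ] = $value;
        if ( ! empty( $field['is_single_key'] ) ) {
            update_user_meta( $user_id, REALPRESS_PREFIX . '_' . $name, $value );
        }
        update_user_meta( $user_id, REALPRESS_USER_META_KEY, $user_metadata );

        $avatar_url   = UserModel::get_user_avatar_url( $user_id, 'full' );
        $display_name = UserModel::get_field( $user_id, 'display_name' );
        $image        = '<img src="' . esc_attr( $avatar_url ) . '" alt="' . esc_attr( $display_name ) . '">';

        return RestApi::success(
            esc_html__( 'Updated!', 'realpress' ),
            [
                'user_id' => $user_id,
                'image'   => $image,
            ]
        );
    }

    /**
     * POST /user/change-password: rotate the current user's password after
     * re-checking the current one.
     *
     * The current password is required so a session alone is not enough to
     * change it; the new password must be non-empty and confirmed.
     *
     * @param WP_REST_Request $request
     *
     * @return \WP_REST_Response
     */
    public function change_password( WP_REST_Request $request ) {
        $user_id = get_current_user_id();
        $user    = new \WP_User( $user_id );
        $params  = $request->get_params();

        $current = $this->string_param( $params, 'current_password' );
        if ( '' === $current || ! wp_check_password( $current, $user->data->user_pass, $user_id ) ) {
            return RestApi::error( esc_html__( 'The current password is invalid.', 'realpress' ), 400 );
        }
        // isset() alone accepted '' here and would have stored an empty password.
        $new_password = $this->string_param( $params, 'new_password' );
        if ( '' === $new_password ) {
            return RestApi::error( esc_html__( 'The new password is required.', 'realpress' ), 400 );
        }
        $confirm_password = $this->string_param( $params, 'confirm_password' );
        if ( '' === $confirm_password ) {
            return RestApi::error( esc_html__( 'The confirm password is required.', 'realpress' ), 400 );
        }
        if ( $new_password !== $confirm_password ) {
            return RestApi::error( esc_html__( 'The confirm password must be matched the new password.', 'realpress' ), 400 );
        }

        reset_password( $user, $new_password );
        // NOTE(review): the stored hash changes here, which may invalidate the caller's current
        // login cookie — confirm whether the client expects to stay logged in after this call.

        return RestApi::success( esc_html__( 'Updated!', 'realpress' ), [ 'user_id' => $user_id ] );
    }

    /**
     * A request parameter as a string; missing or non-scalar values yield ''.
     */
    private function string_param( array $params, string $key ): string {
        $value = $params[ $key ] ?? '';

        return is_scalar( $value ) ? (string) $value : '';
    }
}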