Advertisement
geminilabs

[site-reviews] restrict reviews to the assigned_post author

Apr 29th, 2024
663
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 4.77 KB | None | 0 0
  1. /**
  2.  * Restrict visible reviews on the "All Reviews" page to the review's assigned_post author
  3.  * @updated 2024-04-29
  4.  */
  5. class GLSR_Restrict_Reviews_Assigned_Post_Author
  6. {
  7.     protected static $instance;
  8.  
  9.     public static function load(): self
  10.     {
  11.         if (empty(static::$instance)) {
  12.             static::$instance = new static();
  13.         }
  14.         return static::$instance;
  15.     }
  16.    
  17.     /**
  18.      * @filter site-reviews/database/sql/query-flagged-count
  19.      */
  20.     public function filterFlaggedCountSql(string $sql): string
  21.     {
  22.         global $wpdb;
  23.         $userId = get_current_user_id();
  24.         $search = "AS p ON (p.ID = r.review_id)";
  25.         $replace = "{$search} LEFT JOIN {$wpdb->prefix}glsr_assigned_posts AS ap ON (ap.rating_id = r.ID)";
  26.         $replace = "{$replace} LEFT JOIN {$wpdb->posts} AS p2 ON (p2.ID = ap.post_id)";
  27.         $sql = str_replace($search, $replace, $sql);
  28.         $search = "WHERE 1=1";
  29.         $replace = "{$search} AND (p2.post_author = {$userId} OR p.post_author = {$userId})";
  30.         $sql = str_replace($search, $replace, $sql);
  31.         return $sql;
  32.     }
  33.  
  34.     /**
  35.      * @filter site-reviews/review-table/clauses
  36.      */
  37.     public function filterQueryClauses(array $clauses): array
  38.     {
  39.         global $wpdb;
  40.         $userId = get_current_user_id();
  41.         $clauses['join']['clauses'][] = "INNER JOIN {$wpdb->prefix}glsr_ratings ON ({$wpdb->prefix}glsr_ratings.review_id = {$wpdb->posts}.ID)";
  42.         $clauses['join']['clauses'][] = "LEFT JOIN {$wpdb->prefix}glsr_assigned_posts ON ({$wpdb->prefix}glsr_assigned_posts.rating_id = {$wpdb->prefix}glsr_ratings.ID)";
  43.         $clauses['join']['clauses'][] = "LEFT JOIN {$wpdb->posts} AS posts2 ON (posts2.ID = {$wpdb->prefix}glsr_assigned_posts.post_id)";
  44.         $clauses['where']['clauses'][] = "AND (posts2.post_author = {$userId} OR {$wpdb->posts}.post_author = {$userId})";
  45.         $clauses['where']['replace'] = false;
  46.         return $clauses;
  47.     }
  48.  
  49.     /**
  50.      * @filter views_edit-site-review
  51.      */
  52.     public function filterReviewCounts(array $views): array
  53.     {
  54.         global $wp_query;
  55.         unset($views['mine']);
  56.         $counts = $this->restrictedCounts();
  57.         $total = array_sum($counts);
  58.         foreach (get_post_stati(['show_in_admin_all_list' => false]) as $state) {
  59.             $total -= ($counts[$state] ?? 0);
  60.         }
  61.         foreach ($views as $status => &$link) {
  62.             $num = 'all' === $status ? $total : ($counts[$status] ?? 0);
  63.             $link = preg_replace('/(<span class="count">)([\d\(\),]+)(<\/span>)/', "$1({$num})$3", $link);
  64.         }
  65.         return $views;
  66.     }
  67.  
  68.     public function run(): void
  69.     {
  70.         add_action('current_screen', function () {
  71.             if (!$this->isQueryRestricted()) {
  72.                 return;
  73.             }
  74.             add_filter('site-reviews/review-table/clauses', [$this, 'filterQueryClauses'], 5);
  75.             add_filter('site-reviews/database/sql/query-flagged-count', [$this, 'filterFlaggedCountSql'], 5);
  76.             add_filter('views_edit-'.glsr()->post_type, [$this, 'filterReviewCounts'], 5);
  77.         });
  78.     }
  79.  
  80.     protected function isQueryRestricted(): bool
  81.     {
  82.         if (!function_exists('glsr')) {
  83.             return false;
  84.         }
  85.         if (glsr()->filterBool('snippet/disable/GLSR_Restrict_Reviews_Assigned_Post_Author', false)) {
  86.             return false;
  87.         }
  88.         if (get_current_screen()->id !== 'edit-'.glsr()->post_type) {
  89.             return false;
  90.         }
  91.         if (current_user_can('edit_others_site-reviews')) {
  92.             return false;
  93.         }
  94.         return true;
  95.     }
  96.  
  97.     protected function restrictedCounts(): array
  98.     {
  99.         $userId = get_current_user_id();
  100.         $cache_key = sprintf('%s_readable_%s', glsr()->post_status, $userId);
  101.         $counts = wp_cache_get($cache_key, 'counts');
  102.         $post_type = glsr()->post_type;
  103.         if (false === $counts) {
  104.             global $wpdb;
  105.             $results = $wpdb->get_results("
  106.                SELECT p.post_status, COUNT(*) AS count
  107.                FROM {$wpdb->posts} AS p
  108.                INNER JOIN {$wpdb->prefix}glsr_ratings AS r ON (r.review_id = p.ID)
  109.                LEFT JOIN {$wpdb->prefix}glsr_assigned_posts AS ap ON (ap.rating_id = r.ID)
  110.                LEFT JOIN {$wpdb->posts} AS p2 ON (p2.ID = ap.post_id)
  111.                WHERE p.post_type = '{$post_type}' AND (p2.post_author = {$userId} OR p.post_author = {$userId})
  112.                GROUP BY p.post_status
  113.            ", ARRAY_A);
  114.             $results = wp_list_pluck($results, 'count', 'post_status');
  115.             $counts = array_map('intval', $results);
  116.         }
  117.         $defaults = array_fill_keys(get_post_stati(), 0);
  118.         $counts = wp_parse_args((array) $counts, $defaults);
  119.         wp_cache_set($cache_key, $counts, 'counts');
  120.         return $counts;
  121.     }
  122. }
  123.  
  124. GLSR_Restrict_Reviews_Assigned_Post_Author::load()->run();
  125.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement