Merge pull request #110 from xwp/fix/menu-permission

Add Customize menu to allow access user with 'customize' cap
xwp · Feb 10, 2017 · 07c607f · 07c607f
2 parents 7910d6b + 41d6117
commit 07c607f
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 5 deletions.
diff --git a/php/class-post-type.php b/php/class-post-type.php
@@ -90,7 +90,7 @@ public function init() {
 
 		add_filter( 'post_link', array( $this, 'filter_post_type_link' ), 10, 2 );
 		add_action( 'add_meta_boxes_' . static::SLUG, array( $this, 'setup_metaboxes' ), 10, 1 );
-		add_action( 'admin_menu',array( $this, 'add_admin_menu_item' ) );
+		add_action( 'admin_menu',array( $this, 'add_admin_menu_item' ), 99 );
 		add_filter( 'map_meta_cap', array( $this, 'remap_customize_meta_cap' ), 5, 4 );
 		add_filter( 'bulk_actions-edit-' . static::SLUG, array( $this, 'add_snapshot_bulk_actions' ) );
 		add_filter( 'handle_bulk_actions-edit-' . static::SLUG, array( $this, 'handle_snapshot_merge' ), 10, 3 );
@@ -131,7 +131,19 @@ public function add_admin_menu_item() {
 		$page_title = $post_type_object->labels->name;
 		$menu_title = $post_type_object->labels->name;
 		$menu_slug = 'edit.php?post_type=' . static::SLUG;
-		add_theme_page( $page_title, $menu_title, $capability, $menu_slug );
+		if ( current_user_can( 'edit_theme_options' ) ) {
+			add_theme_page( $page_title, $menu_title, $capability, $menu_slug );
+		} elseif ( current_user_can( 'customize' ) ) {
+			$customize_url = add_query_arg( 'return', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), 'customize.php' );
+
+			// Remove exiting menu from appearance as it will require 'edit_theme_options' cap.
+			remove_menu_page( esc_url( $customize_url ) );
+
+			// Add customize menu on top and add Changeset menu as submenu.
+			$customize_page_title = __( 'Customize', 'default' );
+			add_menu_page( $customize_page_title, $customize_page_title, 'customize', esc_url( $customize_url ), '', 'dashicons-admin-customizer', 65 );
+			add_submenu_page( $customize_url, $page_title, $menu_title, $capability, esc_url( $menu_slug ) );
+		}
 	}
 
 	/**
@@ -275,7 +287,7 @@ public function filter_post_row_actions( $actions, $post ) {
 			$customize_url = add_query_arg( array_map( 'rawurlencode', $args ), wp_customize_url() );
 			$actions = array_merge(
 				array(
-					'customize' => sprintf( '<a href="%s">%s</a>', esc_url( $customize_url ), esc_html__( 'Customize', 'customize-snapshots' ) ),
+					'customize' => sprintf( '<a href="%s">%s</a>', esc_url( $customize_url ), esc_html__( 'Customize', 'default' ) ),
 				),
 				$actions
 			);

diff --git a/phpcs.ruleset.xml b/phpcs.ruleset.xml
@@ -5,7 +5,7 @@
 	<rule ref="WordPress.WP.I18n">
 		<exclude-pattern>*/php/theme-support/*</exclude-pattern>
 		<properties>
-			<property name="text_domain" value="customize-snapshots" />
+			<property name="text_domain" value="customize-snapshots,default" />
 		</properties>
 	</rule>
 	<rule ref="WordPress-Docs" />

diff --git a/tests/php/test-class-post-type.php b/tests/php/test-class-post-type.php
@@ -84,7 +84,7 @@ public function test_init() {
 
 		$this->assertEquals( 10, has_filter( 'post_link', array( $post_type_obj, 'filter_post_type_link' ) ) );
 		$this->assertEquals( 10, has_action( 'add_meta_boxes_' . Post_Type::SLUG, array( $post_type_obj, 'setup_metaboxes' ) ) );
-		$this->assertEquals( 10, has_action( 'admin_menu', array( $post_type_obj, 'add_admin_menu_item' ) ) );
+		$this->assertEquals( 99, has_action( 'admin_menu', array( $post_type_obj, 'add_admin_menu_item' ) ) );
 		$this->assertEquals( 5, has_filter( 'map_meta_cap', array( $post_type_obj, 'remap_customize_meta_cap' ) ) );
 		$this->assertEquals( 10, has_filter( 'bulk_actions-edit-' . Post_Type::SLUG, array( $post_type_obj, 'add_snapshot_bulk_actions' ) ) );
 		$this->assertEquals( 10, has_filter( 'handle_bulk_actions-edit-' . Post_Type::SLUG, array( $post_type_obj, 'handle_snapshot_merge' ) ) );
@@ -158,6 +158,50 @@ public function test_add_admin_menu_item() {
 		$this->assertTrue( in_array( $menu_slug, $submenu['themes.php'][0], true ) );
 	}
 
+	/**
+	 * Allow customize caps to all users for testing.
+	 *
+	 * @see test_menu_for_customize_cap.
+	 * @param array $allcaps all caps.
+	 * @param array $caps caps.
+	 * @param array $args arg for current_user_can.
+	 *
+	 * @return array
+	 */
+	public function hack_user_can( $allcaps, $caps, $args ) {
+		if ( 'customize' === $args[0] ) {
+			$allcaps = array_merge( $allcaps, array_fill_keys( $caps, true ) );
+		}
+
+		return $allcaps;
+	}
+
+	/**
+	 * Test add_admin_menu_item
+	 *
+	 * @covers \CustomizeSnapshots\Post_Type::add_admin_menu_item()
+	 */
+	public function test_menu_for_customize_cap() {
+		$this->mark_incompatible();
+		global $submenu, $menu;
+		if ( null === $submenu ) {
+			$submenu = array(); // WPCS: global override ok.
+		}
+		if ( null === $menu ) {
+			$menu = array(); // WPCS: global override ok.
+		}
+		add_filter( 'user_has_cap', array( $this, 'hack_user_can' ), 10, 3 );
+		$editor_user_id = $this->factory()->user->create( array( 'role' => 'editor' ) );
+		wp_set_current_user( $editor_user_id );
+		$post_type_obj = new Post_Type( $this->plugin->customize_snapshot_manager );
+		$post_type_obj->add_admin_menu_item();
+		$menu_slug = 'edit.php?post_type=' . Post_Type::SLUG;
+		$customize_url = add_query_arg( 'return', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), 'customize.php' );
+		$this->assertArrayHasKey( $customize_url, $submenu );
+		$this->assertEquals( $menu_slug, $submenu[ $customize_url ][1][2] );
+		remove_filter( 'user_has_cap', array( $this, 'hack_user_can' ), 10 );
+	}
+
 	/**
 	 * Test filter_post_type_link.
 	 *