From 19ebc3c37ec6860111e96c259dbc108317f32197 Mon Sep 17 00:00:00 2001
From: Hans Morbach <6433480+hansmorb@users.noreply.github.com>
Date: Mon, 11 Sep 2023 16:49:32 -0400
Subject: [PATCH] fixed broken behaviour when plugin was activated through cli

---
 src/Plugin.php                         | 75 ++++++++++++++++++--------
 tests/Wordpress/CustomPostTypeTest.php |  5 +-
 2 files changed, 55 insertions(+), 25 deletions(-)

diff --git a/src/Plugin.php b/src/Plugin.php
index 19ae63472..fe83a690e 100644
--- a/src/Plugin.php
+++ b/src/Plugin.php
@@ -59,32 +59,65 @@ public static function deactivation() {
 		do_action( Scheduler::UNSCHEDULER_HOOK );
 	}
 
-	protected static function addCPTRoleCaps() {
-		$customPostTypes = commonsbooking_isCurrentUserAdmin() ? self::getCustomPostTypes() : self::getCBManagerCustomPostTypes();
-
+	/**
+	 * Adds capabilities for custom post types.
+	 * This function runs after plugin activation and upon plugin update.
+	 *
+	 * NOTE: Before the change, this function did not work because it was dependent
+	 * on the role of the user upon activation. This did not make sense, as this is always
+	 * the admin. The function was changed to add the correct capabilities for all roles.
+	 *
+	 * This usually only happens, when the plugin is activated through wp-cli (because no user is logged in there)
+	 * The way this function has worked before is instead to assign the CB-Manager the capabilites of the admin.
+	 *
+	 * When we change the behaviour to what was probably intended, we break the functionality for the CB Manager to edit posts (like bookings or items).
+	 * This is why we now assign the CB-Manager the capabilities of the admin, the supposedly correct behaviour is commented out below.
+	 *
+	 * Therefore, this function does not work differently, it just has the same behaviour when plugin is activated through wp-cli or through the admin interface.
+	 * @return void
+	 */
+	public static function addCPTRoleCaps() {
+		//admins are allowed to see all custom post types
+		$adminAllowedCPT = self::getCustomPostTypes();
+		$CBManagerAllowedCPT = self::getCBManagerCustomPostTypes();
 		// Add capabilities for user roles
-		foreach ( $customPostTypes as $customPostType ) {
-			self::addRoleCaps( $customPostType::$postType );
+		foreach ( $adminAllowedCPT as $customPostType ) {
+			self::addRoleCaps( $customPostType::$postType, 'administrator' );
+			//assign all capabilities of admin to CB-Manager (see comment above)
+			self::addRoleCaps( $customPostType::$postType, self::$CB_MANAGER_ID );
 		}
+		/*
+		foreach ( $CBManagerAllowedCPT as $customPostType ) {
+			self::addRoleCaps( $customPostType::$postType, self::$CB_MANAGER_ID );
+		}
+		*/
 	}
 
 	/**
-	 * Returns needed roles and caps.
+	 * Returns needed roles and caps for specific roles
      *
 	 * @return \bool[][]
 	 */
-	public static function getRoleCapMapping() {
-		return [
-			self::$CB_MANAGER_ID => [
-				'read'                                 => true,
-				'manage_' . COMMONSBOOKING_PLUGIN_SLUG => true,
-			],
-			'administrator'      => [
-				'read'                                 => true,
-				'edit_posts'                           => true,
-				'manage_' . COMMONSBOOKING_PLUGIN_SLUG => true,
-			],
-		];
+	public static function getRoleCapMapping( $roleName = null) {
+		if ( $roleName === null ) {
+			return [
+				self::$CB_MANAGER_ID => [
+					'read'                                 => true,
+					'manage_' . COMMONSBOOKING_PLUGIN_SLUG => true,
+				],
+				'administrator'      => [
+					'read'                                 => true,
+					'edit_posts'                           => true,
+					'manage_' . COMMONSBOOKING_PLUGIN_SLUG => true,
+				],
+			];
+		}
+		else {
+			$roleCapMapping = self::getRoleCapMapping();
+			return [
+				$roleName => $roleCapMapping[$roleName]
+			];
+		}
 	}
 
 	/**
@@ -161,13 +194,13 @@ public static function getCBManagerCustomPostTypes(): array {
 	}
 
 	/**
-	 * Adds permissions for cb users.
+	 * Adds permissions to edit custom post types for specified role.
 	 *
 	 * @param $postType
 	 */
-	public static function addRoleCaps( $postType ) {
+	protected static function addRoleCaps( $postType, $roleName ) {
 		// Add the roles you'd like to administer the custom post types
-		$roles = array_keys( self::getRoleCapMapping() );
+		$roles = array_keys( self::getRoleCapMapping( $roleName ) );
 
 		// Loop through each role and assign capabilities
 		foreach ( $roles as $the_role ) {
diff --git a/tests/Wordpress/CustomPostTypeTest.php b/tests/Wordpress/CustomPostTypeTest.php
index 827991410..1654b3575 100644
--- a/tests/Wordpress/CustomPostTypeTest.php
+++ b/tests/Wordpress/CustomPostTypeTest.php
@@ -370,10 +370,7 @@ public function createCBManager(){
 		//we need to run the functions that add the custom user role and assign it to the user
 		Plugin::addCustomUserRoles();
 		//and add the caps for each of our custom post types
-		$postTypes = Plugin::getCustomPostTypes();
-		foreach ($postTypes as $customPostType) {
-			Plugin::addRoleCaps($customPostType::$postType);
-		}
+		Plugin::addCPTRoleCaps();
 		$wp_user = get_user_by('email',"cbmanager@cbmanager.de");
 		if (! $wp_user) {
 			$this->cbManagerUserID = wp_create_user( "cbmanager", "cbmanager", "cbmanager@cbmanager.de" );