WPSDK/support-access-manager
2
0
Fork 0
mirror of https://github.com/derekashauer/support-access-manager.git synced 2025-08-20 04:32:10 +08:00
Code Issues Projects Packages Wiki Activity Actions
support-access-manager/class-support-access-manager.php

516 lines
18 KiB
PHP
Raw Normal View History

Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
<?php
if ( ! class_exists( 'Support_Access_Manager' ) ) {
class Support_Access_Manager {
private $menu_slug;
private $menu_label;
private $parent_slug;
// Constructor accepts parameters for menu position, label, and parent slug
public function __construct( $menu_slug = 'support-access', $menu_label = 'Support Access', $parent_slug = 'users.php' ) {
$this->menu_slug = $menu_slug;
$this->menu_label = $menu_label;
$this->parent_slug = $parent_slug;
// Schedule cron job on plugin activation
register_activation_hook( __FILE__, array( $this, 'schedule_temp_admin_expiration_check' ) );
// Clear the scheduled cron job on plugin deactivation
register_deactivation_hook( __FILE__, array( $this, 'clear_temp_admin_expiration_check' ) );
// Schedule the cron event to check for expired admins
add_action( 'check_temp_admin_expiration_event', array( $this, 'check_temp_admin_expiration' ) );
// Handle temp admin login by checking the URL parameters
add_action( 'init', array( $this, 'check_temp_admin_login' ) );
// Add admin menu page
add_action( 'admin_menu', array( $this, 'add_support_access_menu' ) );
// Handle form submission to create temp admin users
add_action( 'admin_init', array( $this, 'handle_temp_admin_form_submission' ) );
// Handle deletion of temporary admins
add_action( 'admin_post_delete_temp_admin', array( $this, 'handle_temp_admin_deletion' ) );
}
// Schedule the cron job when the plugin is activated
public function schedule_temp_admin_expiration_check() {
if ( ! wp_next_scheduled( 'check_temp_admin_expiration_event' ) ) {
wp_schedule_event( time(), 'hourly', 'check_temp_admin_expiration_event' );
}
}
// Clear the scheduled cron job on plugin deactivation
public function clear_temp_admin_expiration_check() {
$timestamp = wp_next_scheduled( 'check_temp_admin_expiration_event' );
if ( $timestamp ) {
wp_unschedule_event( $timestamp, 'check_temp_admin_expiration_event' );
}
}
// Hook into the scheduled event to check for expired temporary admin users
public function check_temp_admin_expiration() {
$user_query = new WP_User_Query(
array(
'role' => 'administrator',
'meta_key' => 'support_access_expiration',
)
);
if ( ! empty( $user_query->results ) ) {
foreach ( $user_query->results as $user ) {
$expiration_time = get_user_meta( $user->ID, 'support_access_expiration', true );
if ( $expiration_time && time() > $expiration_time ) {
wp_delete_user( $user->ID );
}
}
}
}
// Add menu item to the specified parent menu (default: Users)
public function add_support_access_menu() {
add_submenu_page(
$this->parent_slug, // Parent menu slug
$this->menu_label, // Page title
$this->menu_label, // Menu title
'manage_options', // Capability
$this->menu_slug, // Menu slug
array( $this, 'support_access_page' ) // Callback function for the page content
);
}
// Admin page content for Support Access
public function support_access_page() {
?>
<div class="wrap">
<h1><?php esc_html_e( 'Support Access', 'support-access' ); ?></h1>
<?php if ( isset( $_GET['message'] ) ) : ?>
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
<div class="updated"><p><?php echo esc_html( wp_unslash( $_GET['message'] ) ); ?></p></div>
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
<?php endif; ?>
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
<form method="post" class="support-access-form">
<?php wp_nonce_field( 'create_temp_admin' ); ?>
<table class="form-table">
<tbody>
<tr>
<th scope="row">
<label for="access_duration_type"><?php esc_html_e( 'Access Duration:', 'support-access' ); ?></label>
</th>
<td>
<select name="access_duration_type" id="access_duration_type">
<option value="day"><?php esc_html_e( '1 Day', 'support-access' ); ?></option>
<option value="week"><?php esc_html_e( '1 Week', 'support-access' ); ?></option>
<option value="month"><?php esc_html_e( '1 Month', 'support-access' ); ?></option>
<option value="custom"><?php esc_html_e( 'Custom Date', 'support-access' ); ?></option>
</select>
<div id="custom_date_wrapper" style="display: none; margin-top: 10px;">
<input type="datetime-local" name="custom_expiration" id="custom_expiration">
</div>
<p class="description">
<?php esc_html_e( 'How long the temporary user account will exist before being automatically deleted.', 'support-access' ); ?>
</p>
</td>
</tr>
<tr>
<th scope="row">
<label for="access_timeout"><?php esc_html_e( 'Login Link Timeout:', 'support-access' ); ?></label>
</th>
<td>
<input type="number" name="access_timeout" id="access_timeout" value="" min="1" class="small-text">
<p class="description">
<?php esc_html_e( 'Number of hours the login link remains valid after generation. Leave empty for no timeout (link works until account expires).', 'support-access' ); ?>
</p>
</td>
</tr>
<tr>
<th scope="row">
<label for="access_limit"><?php esc_html_e( 'Usage Limit:', 'support-access' ); ?></label>
</th>
<td>
<input type="number" name="access_limit" id="access_limit" value="" min="0" class="small-text">
<p class="description">
<?php esc_html_e( 'Maximum number of times the login link can be used. Enter 0 or leave empty for unlimited uses.', 'support-access' ); ?>
</p>
</td>
</tr>
<tr>
<th scope="row">
<label for="user_role"><?php esc_html_e( 'User Role:', 'support-access' ); ?></label>
</th>
<td>
<select name="user_role" id="user_role">
<?php
$roles = wp_roles()->get_names();
foreach ( $roles as $role_id => $role_name ) {
printf(
'<option value="%s" %s>%s</option>',
esc_attr( $role_id ),
selected( $role_id, 'administrator', false ),
esc_html( $role_name )
);
}
?>
</select>
<p class="description">
<?php esc_html_e( 'The WordPress role assigned to the temporary user. Choose the minimum role needed for the support task.', 'support-access' ); ?>
</p>
</td>
</tr>
<tr>
<th scope="row">
<label for="user_locale"><?php esc_html_e( 'User Language:', 'support-access' ); ?></label>
</th>
<td>
<?php
require_once ABSPATH . 'wp-admin/includes/translation-install.php';
$translations = wp_get_available_translations();
$languages = array(
'' => sprintf(
/* translators: %s: Current site language name */
__( 'Site Default - %s', 'support-access' ),
$translations[ get_locale() ]['native_name'] ?? 'English (United States)'
),
);
// Add installed languages
$installed_languages = get_available_languages();
foreach ( $installed_languages as $locale ) {
if ( isset( $translations[ $locale ] ) ) {
$languages[ $locale ] = $translations[ $locale ]['native_name'];
}
}
// Always include English (US) if not already added
if ( ! isset( $languages['en_US'] ) ) {
$languages['en_US'] = 'English (United States)';
}
$current_locale = get_locale();
?>
<select name="user_locale" id="user_locale">
<?php
foreach ( $languages as $locale => $native_name ) {
printf(
'<option value="%s" %s>%s</option>',
esc_attr( $locale ),
selected( $locale, '', false ),
esc_html( $native_name )
);
}
?>
</select>
<p class="description">
<?php esc_html_e( 'The WordPress admin interface language for this temporary user. Choose "Site Default" to use the site\'s language setting.', 'support-access' ); ?>
</p>
</td>
</tr>
</tbody>
</table>
<?php submit_button( __( 'Create Temporary User', 'support-access' ) ); ?>
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
</form>
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
<?php $this->list_temp_admins(); ?>
</div>
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
<script type="text/javascript">
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
jQuery(document).ready(function($) {
$('#access_duration_type').on('change', function() {
if ($(this).val() === 'custom') {
$('#custom_date_wrapper').show();
} else {
$('#custom_date_wrapper').hide();
}
});
// Move copyToClipboard outside jQuery and make it global
window.copyToClipboard = function(url) {
// Use modern clipboard API if available
if (navigator.clipboard && window.isSecureContext) {
navigator.clipboard.writeText(url).then(() => {
alert('URL copied to clipboard!');
}).catch(() => {
// Fallback to older method if clipboard API fails
fallbackCopyToClipboard(url);
});
} else {
// Fallback for older browsers
fallbackCopyToClipboard(url);
}
};
function fallbackCopyToClipboard(url) {
const tempInput = document.createElement('input');
tempInput.value = url;
document.body.appendChild(tempInput);
tempInput.select();
document.execCommand('copy');
document.body.removeChild(tempInput);
alert('URL copied to clipboard!');
}
});
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
</script>
<?php
}
// Handle form submission and create the temp admin user
public function handle_temp_admin_form_submission() {
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
if ( ! isset( $_POST['access_duration_type'] ) || ! current_user_can( 'manage_options' ) ) {
return;
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
}
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
if ( ! wp_verify_nonce( $_POST['_wpnonce'], 'create_temp_admin' ) ) {
wp_die( 'Invalid nonce' );
}
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
// Calculate expiration time based on duration type
$duration_type = sanitize_text_field( wp_unslash( $_POST['access_duration_type'] ) );
if ( $duration_type === 'custom' && ! empty( $_POST['custom_expiration'] ) ) {
$expiration_time = strtotime( wp_unslash( $_POST['custom_expiration'] ) );
} else {
$duration_days = array(
'day' => 1,
'week' => 7,
'month' => 30,
);
$days = $duration_days[ $duration_type ] ?? 1;
$expiration_time = time() + ( $days * DAY_IN_SECONDS );
}
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
$timeout = ! empty( $_POST['access_timeout'] ) ? absint( $_POST['access_timeout'] ) * HOUR_IN_SECONDS : 0;
$limit = isset( $_POST['access_limit'] ) ? absint( $_POST['access_limit'] ) : 0;
$role = sanitize_text_field( wp_unslash( $_POST['user_role'] ) );
$locale = sanitize_text_field( wp_unslash( $_POST['user_locale'] ) );
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
// Create temporary user and URL
$temp_user_id = $this->create_temp_admin_user( $role );
// Generate access token data
$token_data = array(
'id' => $temp_user_id,
'time' => time(),
'nonce' => wp_generate_password( 12, false ), // Add a nonce for extra security
);
$data = base64_encode( json_encode( $token_data ) );
$hash = hash_hmac( 'sha256', $data, wp_salt( 'auth' ) ); // Use WordPress salt instead of hardcoded key
$access_token = $data . '.' . $hash;
$temp_user_url = add_query_arg(
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
array(
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
'support_access' => $access_token,
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
),
home_url()
);
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
// Store user metadata
update_user_meta( $temp_user_id, 'support_access_url', $temp_user_url );
update_user_meta( $temp_user_id, 'support_access_token', $access_token ); // Store the token for verification
update_user_meta( $temp_user_id, 'temp_admin_login_count', 0 );
update_user_meta( $temp_user_id, 'support_access_expiration', $expiration_time );
update_user_meta( $temp_user_id, 'support_access_timeout', $timeout );
update_user_meta( $temp_user_id, 'support_access_limit', $limit );
if ( ! empty( $locale ) ) {
update_user_meta( $temp_user_id, 'locale', $locale );
}
wp_redirect( add_query_arg( 'message', 'Temporary Access URL generated successfully.', admin_url( 'users.php?page=support-access' ) ) );
exit;
}
// Create temporary admin user
private function create_temp_admin_user( $role = 'administrator' ) {
$username = 'support_user_' . uniqid();
$password = wp_generate_password();
$email = $username . '@example.com';
$user_id = wp_create_user( $username, $password, $email );
$user = new WP_User( $user_id );
$user->set_role( $role );
return $user_id;
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
}
// Check if the temp_admin hash matches and log in the user
public function check_temp_admin_login() {
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
if ( ! isset( $_GET['support_access'] ) ) {
return;
}
$access_token = sanitize_text_field( wp_unslash( $_GET['support_access'] ) );
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
// Split token into data and hash
$parts = explode( '.', $access_token );
if ( count( $parts ) !== 2 ) {
wp_safe_redirect( home_url() );
exit;
}
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
list( $data, $received_hash ) = $parts;
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
// Verify hash
$expected_hash = hash_hmac( 'sha256', $data, wp_salt( 'auth' ) );
if ( ! hash_equals( $expected_hash, $received_hash ) ) {
wp_safe_redirect( home_url() );
exit;
}
// Decode the data
$decoded = json_decode( base64_decode( $data ), true );
if ( ! $decoded || ! isset( $decoded['id'] ) || ! isset( $decoded['time'] ) || ! isset( $decoded['nonce'] ) ) {
wp_safe_redirect( home_url() );
exit;
}
$temp_user_id = absint( $decoded['id'] );
// Verify user exists and token matches
$stored_token = get_user_meta( $temp_user_id, 'support_access_token', true );
if ( empty( $stored_token ) || $stored_token !== $access_token ) {
wp_safe_redirect( home_url() );
exit;
}
// Get user metadata
$expiration = get_user_meta( $temp_user_id, 'support_access_expiration', true );
$timeout = get_user_meta( $temp_user_id, 'support_access_timeout', true );
$limit = get_user_meta( $temp_user_id, 'support_access_limit', true );
$login_count = get_user_meta( $temp_user_id, 'temp_admin_login_count', true );
// Check if account has expired
if ( time() > $expiration ) {
wp_delete_user( $temp_user_id );
wp_safe_redirect( home_url() );
exit;
}
// Check login count limit
if ( $limit > 0 && $login_count >= $limit ) {
wp_safe_redirect( home_url() );
exit;
}
// Check URL timeout
if ( ! empty( $timeout ) ) {
if ( time() > ( $decoded['time'] + $timeout ) ) {
wp_safe_redirect( home_url() );
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
exit;
}
}
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
// All checks passed, log the user in
wp_set_current_user( $temp_user_id );
wp_set_auth_cookie( $temp_user_id );
// Increment the login count
update_user_meta( $temp_user_id, 'temp_admin_login_count', intval( $login_count ) + 1 );
wp_safe_redirect( admin_url() );
exit;
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
}
// List temporary admins with login count, expiration date, timeout, and delete option
private function list_temp_admins() {
$args = array(
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
'meta_key' => 'support_access_token',
'meta_query' => array(
'relation' => 'AND',
array(
'key' => 'support_access_expiration',
'compare' => 'EXISTS',
),
),
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
);
$user_query = new WP_User_Query( $args );
if ( ! empty( $user_query->results ) ) {
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
echo '<h2>' . esc_html__( 'Temporary Users', 'support-access' ) . '</h2>';
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
echo '<table class="wp-list-table widefat fixed striped users">';
echo '<thead>';
echo '<tr>';
echo '<th>' . esc_html__( 'Username', 'support-access' ) . '</th>';
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
echo '<th>' . esc_html__( 'Role', 'support-access' ) . '</th>';
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
echo '<th>' . esc_html__( 'Login Count', 'support-access' ) . '</th>';
echo '<th>' . esc_html__( 'Expiration Date', 'support-access' ) . '</th>';
echo '<th>' . esc_html__( 'Login Link Timeout', 'support-access' ) . '</th>';
echo '<th>' . esc_html__( 'Access URL', 'support-access' ) . '</th>';
echo '<th>' . esc_html__( 'Actions', 'support-access' ) . '</th>';
echo '</tr>';
echo '</thead>';
echo '<tbody>';
foreach ( $user_query->results as $user ) {
$login_count = get_user_meta( $user->ID, 'temp_admin_login_count', true );
$user_profile_url = get_edit_user_link( $user->ID );
$temp_user_url = get_user_meta( $user->ID, 'support_access_url', true );
$expiration_time = get_user_meta( $user->ID, 'support_access_expiration', true );
$timeout_time = get_user_meta( $user->ID, 'support_access_timeout', true );
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
$expiration_date = $expiration_time ? gmdate( 'Y-m-d H:i:s', $expiration_time ) : '';
$timeout_date = $timeout_time ? gmdate( 'Y-m-d H:i:s', $expiration_time + $timeout_time ) : '';
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
$limit = get_user_meta( $user->ID, 'support_access_limit', true );
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
$login_info = ( 0 === $limit ) ? '∞' : $login_count . ' / ' . $limit;
// Get user's role
$user_roles = array_map(
function( $role ) {
return translate_user_role( wp_roles()->get_names()[ $role ] );
},
$user->roles
);
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
?>
<tr>
<td><a href="<?php echo esc_url( $user_profile_url ); ?>"><?php echo esc_html( $user->user_login ); ?></a></td>
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
<td><?php echo esc_html( implode( ', ', $user_roles ) ); ?></td>
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
<td><?php echo esc_html( $login_info ); ?></td>
<td><?php echo esc_html( $expiration_date ); ?></td>
<td><?php echo esc_html( $timeout_date ); ?></td>
<td>
Improved user creation options * Custom roles * Predefined durations with custom option * Set language
2025-02-18 20:20:41 -07:00
<input type="text" readonly value="<?php echo esc_attr( $temp_user_url ); ?>" style="width:100%; padding: 10px;">
<button type="button" onclick="copyToClipboard('<?php echo esc_js( $temp_user_url ); ?>')" class="button">
<?php esc_html_e( 'Copy URL', 'support-access' ); ?>
</button>
Create class-support-access-manager.php
2025-02-18 19:20:42 -07:00
</td>
<td>
<form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" style="display:inline;">
<?php wp_nonce_field( 'delete_temp_admin_' . $user->ID ); ?>
<input type="hidden" name="action" value="delete_temp_admin">
<input type="hidden" name="delete_temp_admin_id" value="<?php echo esc_attr( $user->ID ); ?>">
<button type="submit" class="button"><?php esc_html_e( 'Delete', 'support-access' ); ?></button>
</form>
</td>
</tr>
<?php
}
echo '</tbody>';
echo '</table>';
}
}
public function handle_temp_admin_deletion() {
if ( isset( $_POST['delete_temp_admin_id'] ) && current_user_can( 'manage_options' ) ) {
$user_id = absint( $_POST['delete_temp_admin_id'] );
if ( wp_verify_nonce( $_POST['_wpnonce'], 'delete_temp_admin_' . $user_id ) ) {
wp_delete_user( $user_id );
wp_redirect( add_query_arg( 'message', 'Temporary admin deleted successfully.', admin_url( 'users.php?page=support-access' ) ) );
exit;
}
}
}
}
// Instantiate the class
new Support_Access_Manager();
}
Reference in a new issue Copy permalink