Implement create capability

includes/event/event-capabilities.php

@@ -2,6 +2,7 @@
 
 namespace Wporg\TranslationEvents\Event;
 
+use GP;
 use WP_User;
 
 class Event_Capabilities {
@@ -21,8 +22,11 @@ private function has_cap( string $cap, array $args, WP_User $user ): bool {
 	}
 
 	private function has_create( WP_User $user ): bool {
-		// TODO.
-		return true;
+		return $this->has_gp_crud( $user );
+	}
+
+	private function has_gp_crud( WP_User $user ): bool {
+		return apply_filters( 'gp_translation_events_can_crud_event', GP::$permission->user_can( $user, 'admin' ) );
 	}
 
 	public function register_hooks(): void {

includes/event/event-form-handler.php

@@ -37,7 +37,7 @@ public function handle( array $form_data ): void {
 		 * @param bool $can_crud_event Whether the user can create, edit, or delete an event.
 		 */
 		$can_crud_event = apply_filters( 'gp_translation_events_can_crud_event', GP::$permission->current_user_can( 'admin' ) );
-		if ( 'create_event' === $action && ( ! $can_crud_event ) ) {
+		if ( 'create_event' === $action && ( ! current_user_can( 'create_translation_event' ) ) ) {
 			wp_send_json_error( esc_html__( 'The user does not have permission to create an event.', 'gp-translation-events' ), 403 );
 		}
 		if ( 'edit_event' === $action ) {

includes/routes/event/create.php

@@ -16,6 +16,11 @@ public function handle(): void {
 			wp_safe_redirect( wp_login_url( home_url( $wp->request ) ) );
 			exit;
 		}
+
+		if ( ! current_user_can( 'create_translation_event' ) ) {
+			$this->die_with_error( 'You do not have permission to create events.' );
+		}
+
 		$event_page_title         = 'Create Event';
 		$event_form_name          = 'create_event';
 		$css_show_url             = 'hide-event-url';

phpcs.xml

@@ -12,6 +12,9 @@
     <file>./wporg-gp-translation-events.php</file>
 
     <rule ref="WordPress">
+        <properties>
+            <property name="custom_capabilities[]" value="create_translation_event"/>
+        </properties>
         <exclude name="Squiz.Commenting.ClassComment.Missing"/>
         <exclude name="Squiz.Commenting.FileComment.Missing"/>
         <exclude name="Squiz.Commenting.FileComment.MissingPackageTag"/>

tests/event/event-capabilities.php

@@ -4,7 +4,6 @@
 
 use GP_UnitTestCase;
 use Wporg\TranslationEvents\Attendee\Attendee_Repository;
-use Wporg\TranslationEvents\Event\Event_Capabilities;
 use Wporg\TranslationEvents\Event\Event_Repository;
 use Wporg\TranslationEvents\Tests\Event_Factory;
 use Wporg\TranslationEvents\Tests\Stats_Factory;
@@ -16,6 +15,22 @@ public function setUp(): void {
 		$this->stats_factory       = new Stats_Factory();
 		$this->attendee_repository = new Attendee_Repository();
 		$this->event_repository    = new Event_Repository( $this->attendee_repository );
-		$this->capilities          = new Event_Capabilities();
+	}
+
+	public function test_cannot_create_if_no_crud_permission() {
+		$this->set_normal_user_as_current();
+
+		add_filter( 'gp_translation_events_can_crud_event', '__return_false' );
+
+		$this->assertFalse( current_user_can( 'create_translation_event' ) );
+	}
+
+	public function test_can_create_if_crud_permission() {
+		$this->set_normal_user_as_current();
+		get_current_user_id();
+
+		add_filter( 'gp_translation_events_can_crud_event', '__return_true' );
+
+		$this->assertTrue( current_user_can( 'create_translation_event' ) );
 	}
 }