From adce36a344a3759cf4e913d71437a7b221be2526 Mon Sep 17 00:00:00 2001
From: Sean Fisher <srtfisher@gmail.com>
Date: Tue, 2 Jul 2024 16:50:24 -0400
Subject: [PATCH] Add a capability to control who can view the switcher

---
 .github/workflows/coding-quality.yml   |  4 +---
 .github/workflows/coding-standards.yml |  2 --
 CHANGELOG.md                           |  8 ++++++++
 README.md                              |  4 +++-
 composer.json                          |  4 ++--
 wp-environment-switcher.php            | 25 +++++++++++++++++++++++--
 6 files changed, 37 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/coding-quality.yml b/.github/workflows/coding-quality.yml
index 3472472..69991a2 100644
--- a/.github/workflows/coding-quality.yml
+++ b/.github/workflows/coding-quality.yml
@@ -3,10 +3,8 @@ name: Code Quality
 on:
   push:
     branches:
-      - main
+      - develop
   pull_request:
-  schedule:
-    - cron: '0 0 * * *'
 
 jobs:
   code-quality:
diff --git a/.github/workflows/coding-standards.yml b/.github/workflows/coding-standards.yml
index 78fc770..3a27ce6 100644
--- a/.github/workflows/coding-standards.yml
+++ b/.github/workflows/coding-standards.yml
@@ -5,8 +5,6 @@ on:
     branches:
       - develop
   pull_request:
-  schedule:
-    - cron: '0 0 * * *'
 
 jobs:
   coding-standards:
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ebf1396..d0ec3e1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,14 @@
 
 All notable changes to `WordPress Environment Switcher` will be documented in this file.
 
+## 1.1.0 - 2024-07-02
+
+- Upgrade to PHP 8.1.
+- Change the environment switcher to show if the user has the
+  `view_environment_switcher` capability (which is mapped to `manage_options`).
+  This allows for more fine-grained control over who can see the environment
+  switcher.
+
 ## 1.0.1 - 2023-07-20
 
 - Infer the environment from the hosting provider, allow it to be filtered via `wp_environment_switcher_current_environment`.
diff --git a/README.md b/README.md
index c6e02e2..bfa6b48 100644
--- a/README.md
+++ b/README.md
@@ -48,7 +48,9 @@ add_filter(
 ```
 
 The plugin will automatically detect the current environment and highlight it in
-the switcher.
+the switcher. By default, the plugin will show the switcher to anybody with the
+`manage_options` capability. You can change this by modifying the capability
+mapped to the `view_environment_switcher` capability with `map_meta_cap`.
 
 ## Testing
 
diff --git a/composer.json b/composer.json
index 25c1739..2ee0f70 100644
--- a/composer.json
+++ b/composer.json
@@ -15,10 +15,10 @@
         }
     ],
     "require": {
-        "php": "^8.0"
+        "php": "^8.1"
     },
     "require-dev": {
-        "alleyinteractive/alley-coding-standards": "^1.0",
+        "alleyinteractive/alley-coding-standards": "^2.0",
         "szepeviktor/phpstan-wordpress": "^1.1"
     },
     "config": {
diff --git a/wp-environment-switcher.php b/wp-environment-switcher.php
index 044e5b9..5f39e36 100644
--- a/wp-environment-switcher.php
+++ b/wp-environment-switcher.php
@@ -3,7 +3,7 @@
  * Plugin Name: WordPress Environment Switcher
  * Plugin URI: https://github.com/alleyinteractive/wp-environment-switcher
  * Description: Easily switch between different site environments from the WordPress admin bar.
- * Version: 1.0.0
+ * Version: 1.1.0
  * Author: Sean Fisher
  * Author URI: https://github.com/alleyinteractive/wp-environment-switcher
  * Requires at least: 5.5.0
@@ -26,6 +26,7 @@
 function main(): void {
 	add_action( 'admin_bar_menu', __NAMESPACE__ . '\\register_admin_bar', 300 );
 	add_action( 'wp_before_admin_bar_render', __NAMESPACE__ . '\\add_switcher_css' );
+	add_filter( 'map_meta_cap', __NAMESPACE__ . '\\map_meta_cap', 10, 2 );
 }
 main();
 
@@ -48,7 +49,7 @@ function get_environments(): array {
  */
 function get_current_environment(): string {
 	$default = match ( true ) {
-		! empty( $_ENV['PANTHEON_ENVIRONMENT'] ) => (string) $_ENV['PANTHEON_ENVIRONMENT'],
+		! empty( $_ENV['PANTHEON_ENVIRONMENT'] ) => (string) $_ENV['PANTHEON_ENVIRONMENT'], // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
 		defined( 'VIP_GO_APP_ENVIRONMENT' ) => (string) VIP_GO_APP_ENVIRONMENT,
 		default => (string) wp_get_environment_type(),
 	};
@@ -82,6 +83,11 @@ function get_translated_url( string $environment_url ): string {
  * Register the admin environment switcher in the admin bar.
  */
 function register_admin_bar(): void {
+	// Check if the user has permission to view the switcher.
+	if ( ! current_user_can( 'view_environment_switcher' ) ) {
+		return;
+	}
+
 	$environments = get_environments();
 
 	if ( empty( $environments ) ) {
@@ -194,3 +200,18 @@ function add_switcher_css(): void {
 	</style>
 	<?php
 }
+
+/**
+ * Map the meta capability for viewing the environment switcher.
+ *
+ * @param array<string> $caps An array of the user's capabilities.
+ * @param string        $cap The capability being checked.
+ * @return array<string>
+ */
+function map_meta_cap( $caps, $cap ): array {
+	if ( 'view_environment_switcher' === $cap ) {
+		$caps = [ 'manage_options' ];
+	}
+
+	return $caps;
+}