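\d+)', array(
        'methods' => 'GET',
        'callback' => 'ldp_api_get_employee_contacts',
        'permission_callback' => function ($request) {
            $requesting_user_id = get_current_user_id();
            $target_user_id = $request['user_id'];
            return authorized_user($requesting_user_id, $target_user_id);
        }
    ));
});

/**
 * REST callback: return the contact e-mail addresses linked to a user.
 *
 * Authorization is checked again here, in addition to the route's
 * permission_callback, so the data is still protected if this function is
 * called from somewhere other than the REST dispatcher.
 *
 * @param WP_REST_Request $request Request carrying the `user_id` route parameter.
 * @return WP_REST_Response|WP_Error Response with an `emails` key holding a
 *                                   semicolon-delimited string, or a 403 error.
 */
function ldp_api_get_employee_contacts($request) {
    // Normalise once so the ID that is authorized is exactly the ID that is queried.
    $target_user_id = absint($request['user_id']);

    if (!authorized_user(get_current_user_id(), $target_user_id)) {
        return new WP_Error('rest_forbidden', 'You do not have permission to access this data', array('status' => 403));
    }

    $contact_emails = get_ldp_contact_emails_by_user_id($target_user_id);

    return rest_ensure_response(array('emails' => $contact_emails));
}

/**
 * Fetch every contact e-mail address associated with a user.
 *
 * This helper performs no authorization of its own; callers must check access
 * before exposing the result.
 *
 * @param int $user_id User whose contacts are looked up.
 * @return string Addresses joined with ';' (empty string when there are none).
 */
function get_ldp_contact_emails_by_user_id($user_id) {
    global $wpdb;

    // NOTE(review): the table names hard-code the `wp_` prefix, while the team
    // queries elsewhere in this file use {$wpdb->prefix}. Confirm how these
    // tables are created before switching, since that decides which name is right.
    $query = $wpdb->prepare(
        "SELECT c.email
         FROM wp_ldp_contact c
         INNER JOIN wp_ldp_user_contact uc ON c.id = uc.contact_id
         WHERE uc.user_id = %d",
        $user_id
    );

    // get_col() yields a flat list of the first selected column.
    $emails = $wpdb->get_col($query);

    return implode(';', $emails);
}

// ---- FETCH USER META ---- //

// Register a new REST API endpoint for fetching user meta.
// The named capture groups feed $request['user_id'] and $request['meta_key'].
add_action('rest_api_init', function () {
    register_rest_route('ldp-api/v1', '/get-user-meta/(?P<user_id>\d+)/(?P<meta_key>[a-zA-Z0-9_-]+)', array(
        'methods' => 'GET',
        'callback' => 'ldp_api_get_user_meta',
        'permission_callback' => function ($request) {
            $requesting_user_id = get_current_user_id();
            $target_user_id = $request['user_id'];
            return authorized_user($requesting_user_id, $target_user_id);
        }
    ));
});

/**
 * REST callback: return a single user-meta value for a user.
 *
 * The meta key comes straight from the URL, so without a filter any key stored
 * for the user could be read by whoever passes authorized_user(). Protected
 * keys (as decided by is_protected_meta()) and the core session and role keys
 * are therefore refused.
 *
 * NOTE(review): a deny-list cannot anticipate keys added by other plugins.
 * Prefer an explicit allow-list of the LDP keys this endpoint is meant to
 * serve once the set of legitimate callers is known.
 *
 * @param WP_REST_Request $request Request carrying `user_id` and `meta_key`.
 * @return WP_REST_Response|WP_Error `{ meta_key: value }`, a 403 error, or a
 *                                   404 error when the stored value is ''.
 */
function ldp_api_get_user_meta($request) {
    global $wpdb;

    $target_user_id = absint($request['user_id']);
    $meta_key = (string) $request['meta_key'];

    if (!authorized_user(get_current_user_id(), $target_user_id)) {
        return new WP_Error('rest_forbidden', 'You do not have permission to access this data', array('status' => 403));
    }

    // Core keys that hold session verifiers or role assignments.
    $blocked_keys = array(
        'session_tokens',
        $wpdb->prefix . 'capabilities',
        $wpdb->prefix . 'user_level',
    );

    if (is_protected_meta($meta_key, 'user') || in_array($meta_key, $blocked_keys, true)) {
        return new WP_Error('rest_forbidden', 'You do not have permission to access this data', array('status' => 403));
    }

    $user_meta_value = get_user_meta($target_user_id, $meta_key, true);

    // With $single = true, get_user_meta() returns '' for a missing key.
    if ($user_meta_value === '') {
        return new WP_Error('meta_not_found', 'User meta not found', array('status' => 404));
    }

    return rest_ensure_response(array($meta_key => $user_meta_value));
}

/*
Example URL: https://yourdomain.com/wp-json/ldp-api/v1/get-user-meta/123/my_custom_meta
*/

// ---- FETCH USER PROGRESS ---- //

// Register a new REST API endpoint for fetching user progress
add_action('rest_api_init', function () {
    register_rest_route('ldp-api/v1', '/get-user-progress/(?P<user_id>\d+)', array(
        'methods' => 'GET',
        'callback' => 'ldp_api_get_user_progress',
        'permission_callback' => function ($request) {
            $requesting_user_id = get_current_user_id();
            $target_user_id = $request['user_id'];
            return authorized_user($requesting_user_id, $target_user_id);
        }
    ));
});

/**
 * REST callback: return all progress rows recorded for a user.
 *
 * @param WP_REST_Request $request Request carrying the `user_id` route parameter.
 * @return WP_REST_Response|WP_Error List of rows as associative arrays, a 403
 *                                   error, or a 404 error when nothing is found.
 */
function ldp_api_get_user_progress(WP_REST_Request $request) {
    global $wpdb;

    $target_user_id = absint($request['user_id']);

    if (!authorized_user(get_current_user_id(), $target_user_id)) {
        return new WP_Error('rest_forbidden', 'You do not have permission to access this data', array('status' => 403));
    }

    // NOTE(review): `SELECT *` returns every column of the table to the client;
    // list the columns explicitly if any of them are not meant for team owners.
    // The `wp_` prefix is hard-coded here as well; confirm against $wpdb->prefix.
    $query = $wpdb->prepare(
        "SELECT * FROM wp_ldp_user_progress WHERE user_id = %d",
        $target_user_id
    );

    $progress_data = $wpdb->get_results($query, ARRAY_A);

    // empty() covers both "no rows" and a failed query.
    if (empty($progress_data)) {
        return new WP_Error('no_progress_found', 'No progress data found for the user', array('status' => 404));
    }

    return rest_ensure_response($progress_data);
}

// ---- RESET COURSES ---- //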
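/**
 * REST callback: reset all course progress for a user.
 *
 * This is a state-changing operation, so the target ID is normalised to an
 * integer once and that same value is used for both the authorization check
 * and the reset call.
 *
 * @param WP_REST_Request $request Request carrying the `user_id` argument.
 * @return WP_REST_Response|WP_Error Result of reset_user_courses(), a 403 error
 *                                   when not authorized, or a 500 error when the
 *                                   LDPEmployerAPI class is unavailable.
 */
function ldp_api_reset_courses(WP_REST_Request $request) {
    $requesting_user_id = get_current_user_id();
    $target_user_id = absint($request['user_id']);

    // Check if the requesting user is authorized to reset courses for the target user
    if (!authorized_user($requesting_user_id, $target_user_id)) {
        return new WP_Error('rest_forbidden', 'You do not have permission to reset courses for this user', array('status' => 403));
    }

    if (!class_exists('LDPApp\API\LDPEmployerAPI')) {
        return new WP_Error('ldp_api_error', 'LDPEmployerAPI class not found', array('status' => 500));
    }

    $ldp_employer_api = new LDPApp\API\LDPEmployerAPI();
    $result = $ldp_employer_api->reset_user_courses($target_user_id);

    return rest_ensure_response($result);
}

add_action('rest_api_init', function () {
    register_rest_route('ldp-api/v1', '/reset-user-courses', array(
        'methods' => 'POST',
        'callback' => 'ldp_api_reset_courses',
        // Same rule as the read endpoints: logged in AND allowed to act on the target.
        'permission_callback' => function ($request) {
            return is_user_logged_in()
                && authorized_user(get_current_user_id(), absint($request['user_id']));
        },
        'args' => array(
            'user_id' => array(
                'required' => true,
                // is_numeric() also accepts values such as "1.5" or "1e3";
                // only a plain positive integer is a valid user ID.
                'validate_callback' => function ($param, $request, $key) {
                    return is_scalar($param) && preg_match('/^[1-9]\d*$/', (string) $param) === 1;
                },
                'sanitize_callback' => 'absint',
            ),
        ),
    ));
});

// ---- HELPER FUNCTIONS ---- //

/**
 * Decide whether one user may access or modify another user's LDP data.
 *
 * Administrators are always allowed. Anyone else is allowed only when they are
 * the author of the team post that the target user's `ldp_team_id` meta points
 * to. As written, a non-admin is not granted access to their own record unless
 * they also own their team.
 *
 * @param int $requesting_user_id User making the request.
 * @param int $target_user_id     User whose data is being requested.
 * @return bool True when access is allowed.
 */
function authorized_user($requesting_user_id, $target_user_id) {
    $requesting_user_id = (int) $requesting_user_id;

    // Fail closed for anonymous requests: ID 0 must never reach the ownership
    // query, where it could match a team post whose author is recorded as 0.
    if ($requesting_user_id <= 0) {
        return false;
    }

    // user_can() evaluates the user that was passed in. current_user_can()
    // ignores a user ID argument and always checks the current user.
    // NOTE(review): checking a role name works, but a capability such as
    // 'manage_options' is the usual recommendation; confirm before changing.
    if (user_can($requesting_user_id, 'administrator')) {
        return true;
    }

    // Non-admins: allowed only as owner of the target user's team.
    $target_team_id = get_user_team_id($target_user_id);

    return is_user_team_owner($requesting_user_id, $target_team_id);
}

/**
 * Read the team ID stored for a user.
 *
 * @param int $user_id User to look up.
 * @return mixed Value of the `ldp_team_id` user meta ('' when it is not set).
 */
function get_user_team_id($user_id) {
    return get_user_meta($user_id, 'ldp_team_id', true);
}

/**
 * Check whether a user is the author of a given team post.
 *
 * @param int $user_id User to test.
 * @param int $team_id Post ID of the `wc_memberships_team` post.
 * @return bool True when the user authored that team post.
 */
function is_user_team_owner($user_id, $team_id) {
    global $wpdb;

    $user_id = (int) $user_id;
    $team_id = (int) $team_id;

    // A missing team ('' casts to 0) or an anonymous user can never be a match.
    if ($user_id <= 0 || $team_id <= 0) {
        return false;
    }

    // NOTE(review): post_status is not part of the condition, so a trashed or
    // draft team post still confers ownership. Confirm whether that is intended.
    $team = $wpdb->get_row($wpdb->prepare(
        "SELECT ID
         FROM {$wpdb->prefix}posts
         WHERE post_type = 'wc_memberships_team'
           AND post_author = %d
           AND ID = %d",
        $user_id,
        $team_id
    ));

    // get_row() returns null when no row matches.
    return null !== $team;
}

/**
 * List the teams authored by a user.
 *
 * This helper performs no authorization of its own; callers must check access
 * before exposing the result.
 *
 * @param int $user_id Team owner.
 * @return array Rows with `ID` and `post_title`, or an array holding a single
 *               `message` key when the user owns no teams.
 */
function ldp_api_get_teams($user_id) {
    global $wpdb;

    $query = $wpdb->prepare(
        "SELECT ID, post_title
         FROM {$wpdb->prefix}posts
         WHERE post_type = 'wc_memberships_team'
           AND post_author = %d",
        $user_id
    );

    $teams = $wpdb->get_results($query, ARRAY_A);

    if (empty($teams)) {
        return array('message' => 'No teams found for this user.');
    }

    return $teams;
}

/**
 * List the users whose `ldp_team_id` meta equals the given team.
 *
 * The result contains logins and e-mail addresses and this helper performs no
 * authorization of its own; callers must verify that the requester owns the
 * team before exposing it.
 *
 * @param int $team_id Team post ID.
 * @return array Rows with `user_id`, `user_login`, `user_email` and
 *               `display_name`, or an array holding a single `message` key
 *               when the team has no members.
 */
function ldp_api_get_team_members($team_id) {
    global $wpdb;

    $team_id = (int) $team_id;

    // meta_value is a text column compared against a number: with team ID 0 the
    // database would also match empty or non-numeric values, returning users
    // that belong to no team. Treat a non-positive ID as "no members".
    if ($team_id <= 0) {
        return array('message' => 'No team members found for this team.');
    }

    $query = $wpdb->prepare(
        "SELECT um.user_id, u.user_login, u.user_email, u.display_name
         FROM {$wpdb->prefix}usermeta um
         INNER JOIN {$wpdb->prefix}users u ON um.user_id = u.ID
         WHERE um.meta_key = 'ldp_team_id'
           AND um.meta_value = %d",
        $team_id
    );

    $team_members = $wpdb->get_results($query, ARRAY_A);

    if (empty($team_members)) {
        return array('message' => 'No team members found for this team.');
    }

    return $team_members;
}

/**
 * Build a profile array for a user: core fields plus selected meta values.
 *
 * Only the meta keys listed below are read, so unrelated user meta is not
 * exposed through this function. It performs no authorization of its own;
 * callers must check access before returning the data.
 *
 * @param int $user_id User to describe.
 * @return array|WP_Error User data array, or a 404 error when the user does
 *                        not exist.
 */
function ldp_api_get_user_info($user_id) {
    $user_info = get_userdata($user_id);

    if (!$user_info) {
        return new WP_Error('user_not_found', 'User not found', array('status' => 404));
    }

    $user_data = array(
        'ID' => $user_id,
        'user_login' => $user_info->user_login,
        'user_email' => $user_info->user_email,
        'display_name' => $user_info->display_name,
        'meta' => array()
    );

    // Explicit allow-list of the meta keys that may be returned.
    $meta_keys = array(
        'is_hidden',
        'claim_number',
        'description',
        'minScoreRequired',
        'minScoreVal',
        'retriesCount',
        'retriesOfCurrQuiz'
    );

    foreach ($meta_keys as $key) {
        $user_data['meta'][$key] = get_user_meta($user_id, $key, true);
    }

    // Avoid a fatal error when the memberships plugin is not loaded.
    // NOTE(review): this reports 'Active' whenever any membership record is
    // returned; confirm whether expired or cancelled memberships are included
    // and filter by status if they are.
    $has_membership = function_exists('wc_memberships_get_user_memberships')
        && wc_memberships_get_user_memberships($user_id);

    $user_data['meta']['membership_status'] = $has_membership ? 'Active' : 'Inactive';
    $user_data['meta']['team_id'] = get_user_meta($user_id, 'ldp_team_id', true);

    return $user_data;
}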