feat: role-based access to the Messages page #194

Open
HardeepAsrani wants to merge 1 commit into development from feat/messages-access

HardeepAsrani (Member) commented Jul 4, 2026

What this adds

Role-based access to the Messages page, so a support agent or team member can review chat conversations without being handed the whole Hyve dashboard.

Closes the access side of Codeinwp/hyve#232. Rather than a role picker in settings, this uses two WordPress capabilities (as suggested on the issue), which keeps it native and lets site owners grant access however they already manage roles.

Capabilities

  • hyve_read_messages: view the Messages page and read conversations.
  • hyve_manage_messages: delete conversations and export them (export lives in Pro).

Administrators get both automatically. To give another role access, add the capability with a role-editor plugin or in code:

// read-only access to Messages for the Editor role
get_role( 'editor' )->add_cap( 'hyve_read_messages' );
// add delete + export
get_role( 'editor' )->add_cap( 'hyve_manage_messages' );

The grant for admins is done dynamically via user_has_cap, so nothing is written to the roles table and there is nothing to clean up on uninstall.

Submenus

Every top-level section of the dashboard is now a real WordPress submenu under Hyve (Dashboard, Knowledge Base, Messages, Integrations, Settings), each deep-linking into the app. Messages is gated on hyve_read_messages; the rest stay on manage_options.

A user who only has hyve_read_messages therefore sees just the Hyve → Messages entry, and the app boots into a messages-only view (sidebar restricted to Messages, no settings request, so no 403 hang). The in-app sidebar is unchanged for admins.

Enforcement

Access is enforced server-side, not just in the UI:

  • GET /threads requires hyve_read_messages
  • DELETE /threads requires hyve_manage_messages

The delete and export buttons are hidden for users without hyve_manage_messages, but the REST endpoints are the real gate.

Pro companion: Codeinwp/hyve#253 gates message export on the same hyve_manage_messages capability.

Manual QA

  1. Admin unchanged. As an administrator, the Hyve menu now shows submenus (Dashboard, Knowledge Base, Messages, Integrations, Settings). Each opens the matching screen. Everything works as before.
  2. Read-only support user. Create an Editor user and grant only hyve_read_messages (wp user add-cap <user> hyve_read_messages). Log in: the Hyve menu shows only Messages, the app opens on Messages, the sidebar is limited to Messages, and there is no delete or export button.
  3. Manage tier. Add hyve_manage_messages to that user. The delete button (and export, on Pro) appears and works.
  4. No access. A plain Subscriber or an Editor without the capability does not see the Hyve menu at all.
  5. REST is enforced. With only hyve_read_messages, a DELETE to /wp-json/hyve/v1/threads returns 403.
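
The dynamic admin grant and the per-method REST gate described above, as an added example (not code from this PR or from Hyve). The example_* function names and the hyve-example/v1 namespace are hypothetical, and "administrator" is assumed to mean any user holding manage_options.

```php
<?php
// Added example, not Hyve's code. example_* names and the hyve-example/v1
// namespace are hypothetical; the capability names come from the description.

// Assumption: "administrator" is approximated by manage_options. The caps are
// injected at check time only, so the stored roles option is never modified.
add_filter( 'user_has_cap', 'example_grant_message_caps' );
function example_grant_message_caps( $allcaps ) {
	if ( ! empty( $allcaps['manage_options'] ) ) {
		$allcaps['hyve_read_messages']   = true;
		$allcaps['hyve_manage_messages'] = true;
	}
	return $allcaps;
}

// One route, two method entries, each with its own permission_callback.
// A false return makes core answer 403 for a logged-in user (401 if anonymous)
// before the handler runs.
add_action( 'rest_api_init', 'example_register_thread_routes' );
function example_register_thread_routes() {
	register_rest_route(
		'hyve-example/v1',
		'/threads',
		array(
			array(
				'methods'             => WP_REST_Server::READABLE,
				'callback'            => 'example_threads_handler',
				'permission_callback' => function () {
					return current_user_can( 'hyve_read_messages' );
				},
			),
			array(
				'methods'             => WP_REST_Server::DELETABLE,
				'callback'            => 'example_threads_handler',
				'permission_callback' => function () {
					return current_user_can( 'hyve_manage_messages' );
				},
			),
		)
	);
}

// Placeholder handler: reports which method passed its gate.
function example_threads_handler( WP_REST_Request $request ) {
	return rest_ensure_response( array( 'allowed_method' => $request->get_method() ) );
}
```

Loaded as a small plugin on a test site, this lets the QA steps above be repeated against the example route: a user granted only hyve_read_messages can GET it but receives 403 on DELETE.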

github-actions Bot commented Jul 4, 2026

Plugin build for 1a465a8 is ready 🛎️!

HardeepAsrani force-pushed the feat/messages-access branch from bc0e497 to 7f3ff04 on July 4, 2026 05:14

Add two custom capabilities so support staff can review conversations
without full dashboard access:

- hyve_read_messages: view the Messages page and read conversations
- hyve_manage_messages: delete conversations and export them

Administrators receive both automatically; other roles can be granted
either capability with a role-editor plugin or WP_Role::add_cap().

Also register every dashboard section as a WP submenu that deep-links
into the app. Messages is gated on hyve_read_messages, the rest on
manage_options, so a read-only user only sees Messages and the app
opens in a messages-only view. The threads REST endpoints are gated
per action (read for listing, manage for deleting).

HardeepAsrani force-pushed the feat/messages-access branch from 7f3ff04 to 1a465a8 on July 4, 2026 05:16