Merge pull request #1247 from Codeinwp/bugfix/pro/513

vytisbulkevicius · web-flow · commit f0f4e283b7a8 · 2026-03-03T17:08:30.000+02:00
Restricted chart creation wizard
diff --git a/classes/Visualizer/Module/Chart.php b/classes/Visualizer/Module/Chart.php
@@ -524,6 +524,10 @@ private function deleteOldCharts() {
 	 * @access public
 	 */
 	public function renderChartPages() {
+		if ( ! current_user_can( 'edit_posts' ) ) {
+			wp_die( __( 'You do not have permission to access this page.', 'visualizer' ) );
+		}
+
 		defined( 'IFRAME_REQUEST' ) || define( 'IFRAME_REQUEST', 1 );
 		if ( ! defined( 'ET_BUILDER_PRODUCT_VERSION' ) && function_exists( 'et_get_theme_version' ) ) {
 			define( 'ET_BUILDER_PRODUCT_VERSION', et_get_theme_version() );
@@ -571,33 +575,31 @@ public function renderChartPages() {
 					do_action( 'visualizer_pro_new_chart_defaults', $chart_id );
 				}
 			} else {
-				if ( current_user_can( 'edit_posts' ) ) {
-					$parent_chart_id = isset( $_GET['parent_chart_id'] ) ? filter_var( $_GET['parent_chart_id'], FILTER_VALIDATE_INT ) : '';
-					$success = false;
-					if ( $parent_chart_id ) {
-						$parent_chart   = get_post( $parent_chart_id );
-						$success = $parent_chart && $parent_chart->post_type === Visualizer_Plugin::CPT_VISUALIZER;
-					}
-					if ( $success ) {
-						$new_chart_id = wp_insert_post(
-							array(
-								'post_type'    => Visualizer_Plugin::CPT_VISUALIZER,
-								'post_title'   => 'Visualization',
-								'post_author'  => get_current_user_id(),
-								'post_status'  => $parent_chart->post_status,
-								'post_content' => $parent_chart->post_content,
-							)
-						);
+				$parent_chart_id = isset( $_GET['parent_chart_id'] ) ? filter_var( $_GET['parent_chart_id'], FILTER_VALIDATE_INT ) : '';
+				$success = false;
+				if ( $parent_chart_id ) {
+					$parent_chart   = get_post( $parent_chart_id );
+					$success = $parent_chart && $parent_chart->post_type === Visualizer_Plugin::CPT_VISUALIZER;
+				}
+				if ( $success ) {
+					$new_chart_id = wp_insert_post(
+						array(
+							'post_type'    => Visualizer_Plugin::CPT_VISUALIZER,
+							'post_title'   => 'Visualization',
+							'post_author'  => get_current_user_id(),
+							'post_status'  => $parent_chart->post_status,
+							'post_content' => $parent_chart->post_content,
+						)
+					);
 
-						if ( is_wp_error( $new_chart_id ) ) {
-							do_action( 'themeisle_log_event', Visualizer_Plugin::NAME, sprintf( 'Error while cloning chart %d = %s', $parent_chart_id, print_r( $new_chart_id, true ) ), 'error', __FILE__, __LINE__ );
-						} else {
-							$post_meta = get_post_meta( $parent_chart_id );
-							$chart_id  = $new_chart_id;
-							foreach ( $post_meta as $key => $value ) {
-								if ( strpos( $key, 'visualizer-' ) !== false ) {
-									add_post_meta( $new_chart_id, $key, maybe_unserialize( $value[0] ) );
-								}
+					if ( is_wp_error( $new_chart_id ) ) {
+						do_action( 'themeisle_log_event', Visualizer_Plugin::NAME, sprintf( 'Error while cloning chart %d = %s', $parent_chart_id, print_r( $new_chart_id, true ) ), 'error', __FILE__, __LINE__ );
+					} else {
+						$post_meta = get_post_meta( $parent_chart_id );
+						$chart_id  = $new_chart_id;
+						foreach ( $post_meta as $key => $value ) {
+							if ( strpos( $key, 'visualizer-' ) !== false ) {
+								add_post_meta( $new_chart_id, $key, maybe_unserialize( $value[0] ) );
 							}
 						}
 					}
