Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
0.00% |
0 / 92 |
|
0.00% |
0 / 7 |
CRAP | |
0.00% |
0 / 1 |
REST_API | |
0.00% |
0 / 92 |
|
0.00% |
0 / 7 |
272 | |
0.00% |
0 / 1 |
__construct | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
2 | |||
register_routes | |
0.00% |
0 / 12 |
|
0.00% |
0 / 1 |
2 | |||
create_item | |
0.00% |
0 / 16 |
|
0.00% |
0 / 1 |
30 | |||
create_item_permissions_check | |
0.00% |
0 / 9 |
|
0.00% |
0 / 1 |
30 | |||
prepare_item_for_response | |
0.00% |
0 / 9 |
|
0.00% |
0 / 1 |
6 | |||
get_item_schema | |
0.00% |
0 / 12 |
|
0.00% |
0 / 1 |
2 | |||
get_args_schema | |
0.00% |
0 / 31 |
|
0.00% |
0 / 1 |
2 |
1 | <?php |
2 | /** |
3 | * Expose the create autologin url function via the REST API. |
4 | * |
5 | * @package brianhenryie/bh-wp-autologin-urls |
6 | */ |
7 | |
8 | namespace BrianHenryIE\WP_Autologin_URLs\WP_Includes; |
9 | |
10 | use BrianHenryIE\WP_Autologin_URLs\API_Interface; |
11 | use WP_Http; |
12 | use WP_REST_Controller; |
13 | use WP_REST_Response; |
14 | use WP_REST_Server; |
15 | use WP_User; |
16 | |
17 | class REST_API extends WP_REST_Controller { |
18 | |
19 | protected API_Interface $api; |
20 | |
21 | public function __construct( API_Interface $api ) { |
22 | $this->api = $api; |
23 | $this->namespace = 'bh-wp-autologin-urls/v1'; |
24 | $this->rest_base = 'autologin-codes'; |
25 | } |
26 | |
27 | /** |
28 | * @see WP_REST_Controller::register_routes() |
29 | */ |
30 | public function register_routes() { |
31 | register_rest_route( |
32 | $this->namespace, |
33 | $this->rest_base, |
34 | array( |
35 | array( |
36 | 'methods' => WP_REST_Server::CREATABLE, |
37 | 'callback' => array( $this, 'create_item' ), |
38 | 'permission_callback' => array( $this, 'create_item_permissions_check' ), |
39 | 'args' => $this->get_args_schema(), |
40 | ), |
41 | ) |
42 | ); |
43 | } |
44 | |
45 | /** |
46 | * |
47 | * @see WP_REST_Controller::create_item() |
48 | * |
49 | * @param \WP_REST_Request $request |
50 | * @return \WP_Error|\WP_HTTP_Response|WP_REST_Response |
51 | */ |
52 | public function create_item( $request ) { |
53 | $user = $request->get_param( 'user' ); |
54 | if ( empty( $user ) ) { |
55 | $user = wp_get_current_user(); |
56 | } |
57 | |
58 | $url = $request->get_param( 'url' ); |
59 | if ( ! stristr( $url, get_site_url() ) ) { |
60 | $url = get_site_url( $url ); |
61 | } |
62 | |
63 | $expires_in = $request->get_param( 'expires_in' ); |
64 | if ( ! is_numeric( $expires_in ) || intval( $expires_in ) === 0 ) { |
65 | $expires_in = null; |
66 | } else { |
67 | $expires_in = absint( $expires_in ); |
68 | } |
69 | |
70 | $url = $this->api->add_autologin_to_url( |
71 | $url, |
72 | $user, |
73 | $expires_in |
74 | ); |
75 | |
76 | // Check was the URL modified at all. |
77 | |
78 | return $this->prepare_item_for_response( $url, $request ); |
79 | } |
80 | |
81 | /** |
82 | * Allow admins and the user themselves to create autologin codes. |
83 | * |
84 | * @see WP_REST_Controller::create_item_permissions_check() |
85 | */ |
86 | public function create_item_permissions_check( $request ) { |
87 | |
88 | $user_param = $request->get_param( 'user' ); |
89 | |
90 | // If the user is not set, `wp_get_current_user()` will be used. |
91 | if ( empty( $user_param ) ) { |
92 | return true; |
93 | } |
94 | |
95 | $user = $this->api->get_wp_user( $user_param ); |
96 | |
97 | // If the current user is creating a link for themselves. |
98 | if ( $user instanceof WP_User |
99 | && wp_get_current_user() instanceof WP_User |
100 | && $user->ID === wp_get_current_user()->ID ) { |
101 | return true; |
102 | } |
103 | |
104 | // Admins can create links for anyone. |
105 | return current_user_can( 'manage_options' ); |
106 | } |
107 | |
108 | /** |
109 | * @see WP_REST_Controller::prepare_item_for_response() |
110 | * |
111 | * @param $item |
112 | * @param $request |
113 | * @return \WP_Error|\WP_HTTP_Response|WP_REST_Response |
114 | */ |
115 | public function prepare_item_for_response( $item, $request ) { |
116 | |
117 | $data = array( |
118 | 'autologin_url' => $item, |
119 | ); |
120 | |
121 | $context = ! empty( $request['context'] ) ? $request['context'] : 'view'; |
122 | $data = $this->add_additional_fields_to_object( $data, $request ); |
123 | $data = $this->filter_response_by_context( $data, $context ); |
124 | |
125 | $response = rest_ensure_response( $data ); |
126 | |
127 | $response->set_status( WP_Http::CREATED ); |
128 | |
129 | return $response; |
130 | } |
131 | |
132 | /** |
133 | * @see WP_REST_Controller::get_item_schema() |
134 | */ |
135 | public function get_item_schema() { |
136 | return array( |
137 | '$schema' => 'http://json-schema.org/draft-04/schema#', |
138 | 'title' => 'bh-wp-autologin-codes-autologin-code', |
139 | 'type' => 'object', |
140 | 'properties' => array( |
141 | 'autologin_url' => array( |
142 | 'type' => 'string', |
143 | 'format' => 'url', |
144 | 'context' => array( 'view' ), |
145 | ), |
146 | ), |
147 | ); |
148 | } |
149 | |
150 | public function get_args_schema() { |
151 | $args = array(); |
152 | |
153 | $args['user'] = array( |
154 | 'description' => esc_html__( 'The user to create the code for.', 'bh-wp-autologin-urls' ), |
155 | 'required' => true, |
156 | 'context' => array( 'edit' ), |
157 | 'oneOf' => array( // TODO: Is this doing anything?! |
158 | // array( |
159 | // 'description' => esc_html__( 'User id.', 'bh-wp-autologin-urls' ), |
160 | // 'type' => 'integer', |
161 | // ), |
162 | array( |
163 | 'description' => esc_html__( 'Username.', 'bh-wp-autologin-urls' ), |
164 | 'type' => 'string', |
165 | ), |
166 | array( |
167 | 'description' => esc_html__( 'Email.', 'bh-wp-autologin-urls' ), |
168 | 'type' => 'string', |
169 | 'format' => 'email', |
170 | ), |
171 | ), |
172 | ); |
173 | |
174 | $args['url'] = array( |
175 | 'description' => 'The URL to add the login code to.', |
176 | 'type' => 'string', |
177 | 'format' => 'url', |
178 | 'context' => array( 'edit' ), |
179 | 'required' => false, |
180 | ); |
181 | |
182 | $args['expires_in'] = array( |
183 | 'type' => 'int', |
184 | 'format' => 'url', |
185 | 'context' => array( 'edit' ), |
186 | 'required' => false, |
187 | ); |
188 | |
189 | return $args; |
190 | } |
191 | } |