REST_Connector::remote_authorize() - Code Metrics - Inspection of "paid-blocks: hide toolbar when it requires upgrade" - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — update/paid-blocks-add-upgrade... ( 3b7293...cf9c45 )

unknown

created 2020-07-23 12:32 UTC

REST_Connector::remote_authorize() A

↳ Parent: REST_Connector

Complexity

Conditions	2
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	2
nc	2
nop	1
dl	0
loc	10
rs	9.9332
c	0
b	0
f	0

<?php
/**
 * Sets up the Connection REST API endpoints.
 *
 * @package automattic/jetpack-connection
 */

namespace Automattic\Jetpack\Connection;

use Automattic\Jetpack\Status;
use Jetpack_XMLRPC_Server;
use WP_Error;
use WP_REST_Request;
use WP_REST_Response;
use WP_REST_Server;

/**
 * Registers the REST routes for Connections.
 */
class REST_Connector {
	/**
	 * The Connection Manager.
	 *
	 * @var Manager
	 */
	private $connection;

	/**
	 * This property stores the localized "Insufficient Permissions" error message.
	 *
	 * @var string Generic error message when user is not allowed to perform an action.
	 */
	private static $user_permissions_error_msg;

	/**
	 * Constructor.
	 *
	 * @param Manager $connection The Connection Manager.
	 */
	public function __construct( Manager $connection ) {
		$this->connection = $connection;

		self::$user_permissions_error_msg = esc_html__(
			'You do not have the correct user permissions to perform this action.
			Please contact your site admin if you think this is a mistake.',
			'jetpack'
		);

		if ( ! $this->connection->is_active() ) {
			// Register a site.
			register_rest_route(
				'jetpack/v4',
				'/verify_registration',
				array(
					'methods'             => WP_REST_Server::EDITABLE,
					'callback'            => array( $this, 'verify_registration' ),
					'permission_callback' => '__return_true',
				)
			);
		}

		// Authorize a remote user.
		register_rest_route(
			'jetpack/v4',
			'/remote_authorize',
			array(
				'methods'  => WP_REST_Server::EDITABLE,
				'callback' => __CLASS__ . '::remote_authorize',
				'permission_callback' => '__return_true',
			)
		);

		// Get current connection status of Jetpack.
		register_rest_route(
			'jetpack/v4',
			'/connection',
			array(
				'methods'  => WP_REST_Server::READABLE,
				'callback' => __CLASS__ . '::connection_status',
				'permission_callback' => '__return_true',
			)
		);

		// Get list of plugins that use the Jetpack connection.
		register_rest_route(
			'jetpack/v4',
			'/connection/plugins',
			array(
				'methods'             => WP_REST_Server::READABLE,
				'callback'            => array( $this, 'get_connection_plugins' ),
				'permission_callback' => __CLASS__ . '::activate_plugins_permission_check',
			)
		);
	}

	/**
	 * Handles verification that a site is registered.
	 *
	 * @since 5.4.0
	 *
	 * @param \WP_REST_Request $request The request sent to the WP REST API.
	 *
	 * @return string|WP_Error
	 */
	public function verify_registration( \WP_REST_Request $request ) {
		$registration_data = array( $request['secret_1'], $request['state'] );

		return $this->connection->handle_registration( $registration_data );
	}

	/**
	 * Handles verification that a site is registered
	 *
	 * @since 5.4.0
	 *
	 * @param WP_REST_Request $request The request sent to the WP REST API.
	 *
	 * @return array|wp-error

	 */
	public static function remote_authorize( $request ) {
		$xmlrpc_server = new Jetpack_XMLRPC_Server();
		$result        = $xmlrpc_server->remote_authorize( $request );

		if ( is_a( $result, 'IXR_Error' ) ) {
			$result = new WP_Error( $result->code, $result->message );

		}

		return $result;
	}

	/**
	 * Get connection status for this Jetpack site.
	 *
	 * @since 4.3.0
	 *
	 * @return WP_REST_Response Connection information.
	 */
	public static function connection_status() {
		$status     = new Status();
		$connection = new Manager();

		return rest_ensure_response(
			array(
				'isActive'     => $connection->is_active(),
				'isStaging'    => $status->is_staging_site(),
				'isRegistered' => $connection->is_registered(),
				'devMode'      => array(
					'isActive' => $status->is_development_mode(),
					'constant' => defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG,
					'url'      => site_url() && false === strpos( site_url(), '.' ),
					'filter'   => apply_filters( 'jetpack_development_mode', false ),
				),
			)
		);
	}


	/**
	 * Get plugins connected to the Jetpack.
	 *
	 * @since 8.6.0
	 *
	 * @return WP_REST_Response|WP_Error Response or error object, depending on the request result.
	 */
	public function get_connection_plugins() {
		$plugins = $this->connection->get_connected_plugins();

		if ( is_wp_error( $plugins ) ) {
			return $plugins;
		}

		array_walk(
			$plugins,
			function( &$data, $slug ) {
				$data['slug'] = $slug;
			}
		);

		return rest_ensure_response( array_values( $plugins ) );
	}

	/**
	 * Verify that user can view Jetpack admin page and can activate plugins.
	 *
	 * @since 8.8.0
	 *
	 * @return bool|WP_Error Whether user has the capability 'jetpack_admin_page' and 'activate_plugins'.
	 */
	public static function activate_plugins_permission_check() {
		if ( current_user_can( 'activate_plugins' ) ) {
			return true;
		}

		return new WP_Error( 'invalid_user_permission_activate_plugins', self::get_user_permissions_error_msg(), array( 'status' => rest_authorization_required_code() ) );

	}

	/**
	 * Returns generic error message when user is not allowed to perform an action.
	 *
	 * @return string The error message.
	 */
	public static function get_user_permissions_error_msg() {
		return self::$user_permissions_error_msg;
	}

}


1			<?php
2			/**
3			* Sets up the Connection REST API endpoints.
4			*
5			* @package automattic/jetpack-connection
6			*/
7
8			namespace Automattic\Jetpack\Connection;
9
10			use Automattic\Jetpack\Status;
11			use Jetpack_XMLRPC_Server;
12			use WP_Error;
13			use WP_REST_Request;
14			use WP_REST_Response;
15			use WP_REST_Server;
16
17			/**
18			* Registers the REST routes for Connections.
19			*/
20			class REST_Connector {
21			/**
22			* The Connection Manager.
23			*
24			* @var Manager
25			*/
26			private $connection;
27
28			/**
29			* This property stores the localized "Insufficient Permissions" error message.
30			*
31			* @var string Generic error message when user is not allowed to perform an action.
32			*/
33			private static $user_permissions_error_msg;
34
35			/**
36			* Constructor.
37			*
38			* @param Manager $connection The Connection Manager.
39			*/
40			public function __construct( Manager $connection ) {
41			$this->connection = $connection;
42
43			self::$user_permissions_error_msg = esc_html__(
44			'You do not have the correct user permissions to perform this action.
45			Please contact your site admin if you think this is a mistake.',
46			'jetpack'
47			);
48
49			if ( ! $this->connection->is_active() ) {
50			// Register a site.
51			register_rest_route(
52			'jetpack/v4',
53			'/verify_registration',
54			array(
55			'methods' => WP_REST_Server::EDITABLE,
56			'callback' => array( $this, 'verify_registration' ),
57			'permission_callback' => '__return_true',
58			)
59			);
60			}
61
62			// Authorize a remote user.
63			register_rest_route(
64			'jetpack/v4',
65			'/remote_authorize',
66			array(
67			'methods' => WP_REST_Server::EDITABLE,
68			'callback' => __CLASS__ . '::remote_authorize',
69			'permission_callback' => '__return_true',
70			)
71			);
72
73			// Get current connection status of Jetpack.
74			register_rest_route(
75			'jetpack/v4',
76			'/connection',
77			array(
78			'methods' => WP_REST_Server::READABLE,
79			'callback' => __CLASS__ . '::connection_status',
80			'permission_callback' => '__return_true',
81			)
82			);
83
84			// Get list of plugins that use the Jetpack connection.
85			register_rest_route(
86			'jetpack/v4',
87			'/connection/plugins',
88			array(
89			'methods' => WP_REST_Server::READABLE,
90			'callback' => array( $this, 'get_connection_plugins' ),
91			'permission_callback' => __CLASS__ . '::activate_plugins_permission_check',
92			)
93			);
94			}
95
96			/**
97			* Handles verification that a site is registered.
98			*
99			* @since 5.4.0
100			*
101			* @param \WP_REST_Request $request The request sent to the WP REST API.
102			*
103			* @return string\|WP_Error
104			*/
105			public function verify_registration( \WP_REST_Request $request ) {
106			$registration_data = array( $request['secret_1'], $request['state'] );
107
108			return $this->connection->handle_registration( $registration_data );
109			}
110
111			/**
112			* Handles verification that a site is registered
113			*
114			* @since 5.4.0
115			*
116			* @param WP_REST_Request $request The request sent to the WP REST API.
117			*
118			* @return array\|wp-error
			0 ignored issues – show Documentation introduced 2017-04-29 05:12 UTC by Report Bug Copy Issue Report The doc-type `array\|wp-error` could not be parsed: Unknown type name "wp-error" at position 6. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
119			*/
120			public static function remote_authorize( $request ) {
121			$xmlrpc_server = new Jetpack_XMLRPC_Server();
122			$result = $xmlrpc_server->remote_authorize( $request );
123
124			if ( is_a( $result, 'IXR_Error' ) ) {
125			$result = new WP_Error( $result->code, $result->message );
			0 ignored issues – show Unused Code introduced 2019-06-17 08:53 UTC by Report Bug Copy Issue Report The call to `WP_Error::__construct()` has too many arguments starting with `$result->code`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
126			}
127
128			return $result;
129			}
130
131			/**
132			* Get connection status for this Jetpack site.
133			*
134			* @since 4.3.0
135			*
136			* @return WP_REST_Response Connection information.
137			*/
138			public static function connection_status() {
139			$status = new Status();
140			$connection = new Manager();
141
142			return rest_ensure_response(
143			array(
144			'isActive' => $connection->is_active(),
145			'isStaging' => $status->is_staging_site(),
146			'isRegistered' => $connection->is_registered(),
147			'devMode' => array(
148			'isActive' => $status->is_development_mode(),
149			'constant' => defined( 'JETPACK_DEV_DEBUG' ) && JETPACK_DEV_DEBUG,
150			'url' => site_url() && false === strpos( site_url(), '.' ),
151			'filter' => apply_filters( 'jetpack_development_mode', false ),
152			),
153			)
154			);
155			}
156
157
158			/**
159			* Get plugins connected to the Jetpack.
160			*
161			* @since 8.6.0
162			*
163			* @return WP_REST_Response\|WP_Error Response or error object, depending on the request result.
164			*/
165			public function get_connection_plugins() {
166			$plugins = $this->connection->get_connected_plugins();
167
168			if ( is_wp_error( $plugins ) ) {
169			return $plugins;
170			}
171
172			array_walk(
173			$plugins,
174			function( &$data, $slug ) {
175			$data['slug'] = $slug;
176			}
177			);
178
179			return rest_ensure_response( array_values( $plugins ) );
180			}
181
182			/**
183			* Verify that user can view Jetpack admin page and can activate plugins.
184			*
185			* @since 8.8.0
186			*
187			* @return bool\|WP_Error Whether user has the capability 'jetpack_admin_page' and 'activate_plugins'.
188			*/
189			public static function activate_plugins_permission_check() {
190			if ( current_user_can( 'activate_plugins' ) ) {
191			return true;
192			}
193
194			return new WP_Error( 'invalid_user_permission_activate_plugins', self::get_user_permissions_error_msg(), array( 'status' => rest_authorization_required_code() ) );
			0 ignored issues – show Unused Code introduced 2020-07-03 21:36 UTC by Report Bug Copy Issue Report The call to `WP_Error::__construct()` has too many arguments starting with `'invalid_user_permission_activate_plugins'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
195			}
196
197			/**
198			* Returns generic error message when user is not allowed to perform an action.
199			*
200			* @return string The error message.
201			*/
202			public static function get_user_permissions_error_msg() {
203			return self::$user_permissions_error_msg;
204			}
205
206			}
207

Automattic / jetpack

Push — update/paid-blocks-add-upgrade... ( 3b7293...cf9c45 )

REST_Connector::remote_authorize() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like