Issues in class.wpcom-json-api-list-users-endpoint.php - New Issues - Inspection of "dialogue: focus on RichText when click on it" - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — update/dialogue-focus-on-conte... ( 9f1745...fa862f )

unknown

created 2021-01-07 16:56 UTC

class.wpcom-json-api-list-users-endpoint.php (4 issues)

Labels

Unused Code 4

Severity

Minor 4

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

new WPCOM_JSON_API_List_Users_Endpoint( array(
	'description' => 'List the users of a site.',
	'group'       => 'users',
	'stat'        => 'users:list',

	'method'      => 'GET',
	'path'        => '/sites/%s/users',
	'path_labels' => array(
		'$site' => '(int|string) Site ID or domain',
	),

	'query_parameters' => array(
		'number'   => '(int=20) Limit the total number of authors returned.',
		'offset'   => '(int=0) The first n authors to be skipped in the returned array.',
		'order'    => array(
			'DESC' => 'Return authors in descending order.',
			'ASC'  => 'Return authors in ascending order.',
		),
		'order_by' => array(
			'ID'            => 'Order by ID (default).',
			'login'         => 'Order by username.',
			'nicename'      => "Order by nicename.",
			'email'         => 'Order by author email address.',
			'url'           => 'Order by author URL.',
			'registered'    => 'Order by registered date.',
			'display_name'  => 'Order by display name.',
			'post_count'    => 'Order by number of posts published.',
		),
		'authors_only'      => '(bool) Set to true to fetch authors only',
		'type'              => "(string) Specify the post type to query authors for. Only works when combined with the `authors_only` flag. Defaults to 'post'. Post types besides post and page need to be whitelisted using the <code>rest_api_allowed_post_types</code> filter.",
		'search'            => '(string) Find matching users.',
		'search_columns'    => "(array) Specify which columns to check for matching users. Can be any of 'ID', 'user_login', 'user_email', 'user_url', 'user_nicename', and 'display_name'. Only works when combined with `search` parameter.",
		'role'              => '(string) Specify a specific user role to fetch.'
	),

	'response_format' => array(
		'found'    => '(int) The total number of authors found that match the request (ignoring limits and offsets).',
		'authors'  => '(array:author) Array of author objects.',
	),

	'example_response' => '{
		"found": 1,
		"users": [
			{
				"ID": 78972699,
				"login": "apiexamples",
				"email": "[email protected]",
				"name": "apiexamples",
				"first_name": "",
				"last_name": "",
				"nice_name": "apiexamples",
				"URL": "http://apiexamples.wordpress.com",
				"avatar_URL": "https://1.gravatar.com/avatar/a2afb7b6c0e23e5d363d8612fb1bd5ad?s=96&d=identicon&r=G",
				"profile_URL": "https://en.gravatar.com/apiexamples",
				"site_ID": 82974409,
				"roles": [
					"administrator"
				],
				"is_super_admin": false
			}
		]
	}',

	'example_request'      => 'https://public-api.wordpress.com/rest/v1/sites/82974409/users',
	'example_request_data' => array(
		'headers' => array(
			'authorization' => 'Bearer YOUR_API_TOKEN'
		),
	)
) );

class WPCOM_JSON_API_List_Users_Endpoint extends WPCOM_JSON_API_Endpoint {

	var $response_format = array(
		'found'    => '(int) The total number of authors found that match the request (ignoring limits and offsets).',
		'users'  => '(array:author) Array of user objects',
	);

	// /sites/%s/users/ -> $blog_id
	function callback( $path = '', $blog_id = 0 ) {
		$blog_id = $this->api->switch_to_blog_and_validate_user( $this->api->get_blog_id( $blog_id ) );
		if ( is_wp_error( $blog_id ) ) {
			return $blog_id;
		}

		$args = $this->query_args();

		$authors_only = ( ! empty( $args['authors_only'] ) );

		if ( $args['number'] < 1 ) {
			$args['number'] = 20;
		} elseif ( 1000 < $args['number'] ) {
			return new WP_Error( 'invalid_number',  'The NUMBER parameter must be less than or equal to 1000.', 400 );

		}

		if ( $authors_only ) {
			if ( empty( $args['type'] ) ) {
				$args['type'] = 'post';
			}

			if ( ! $this->is_post_type_allowed( $args['type'] ) ) {
				return new WP_Error( 'unknown_post_type', 'Unknown post type', 404 );

			}

			$post_type_object = get_post_type_object( $args['type'] );
			if ( ! $post_type_object || ! current_user_can( $post_type_object->cap->edit_others_posts ) ) {
				return new WP_Error( 'unauthorized', 'User cannot view authors for specified post type', 403 );

			}
		} elseif ( ! current_user_can( 'list_users' ) ) {
			return new WP_Error( 'unauthorized', 'User cannot view users for specified site', 403 );

		}

		$query = array(
			'number'    => $args['number'],
			'offset'    => $args['offset'],
			'order'     => $args['order'],
			'orderby'   => $args['order_by'],
			'fields'    => 'ID',
		);

		if ( $authors_only ) {
			$query['who'] = 'authors';
		}

		if ( ! empty( $args['search'] ) ) {
			$query['search'] = $args['search'];
		}

		if ( ! empty( $args['search_columns'] ) ) {
			// this `user_search_columns` filter is necessary because WP_User_Query does not allow `display_name` as a search column
			$this->search_columns = array_intersect( $args['search_columns'], array( 'ID', 'user_login', 'user_email', 'user_url', 'user_nicename', 'display_name' ) );
			add_filter( 'user_search_columns', array( $this, 'api_user_override_search_columns' ), 10, 3 );
		}

		if ( ! empty( $args['role'] ) ) {
			$query['role'] = $args['role'];
		}

		$user_query = new WP_User_Query( $query );

		remove_filter( 'user_search_columns', array( $this, 'api_user_override_search_columns' ) );

		$return = array();
		foreach ( array_keys( $this->response_format ) as $key ) {
			switch ( $key ) {
				case 'found' :
					$return[ $key ] = (int) $user_query->get_total();
					break;
				case 'users' :
					$users = array();
					$is_multisite = is_multisite();
					foreach ( $user_query->get_results() as $u ) {
						$the_user = $this->get_author( $u, true );
						if ( $the_user && ! is_wp_error( $the_user ) ) {
							$userdata = get_userdata( $u );
							$the_user->roles = ! is_wp_error( $userdata ) ? array_values( $userdata->roles ) : array();
							if ( $is_multisite ) {
								$the_user->is_super_admin = user_can( $the_user->ID, 'manage_network' );
							}
							$users[] = $the_user;
						}
					}

					$return[ $key ] = $users;
					break;
			}
		}

		return $return;
	}

	function api_user_override_search_columns( $search_columns, $search ) {
		return $this->search_columns;
	}
}


1			<?php
2
3			new WPCOM_JSON_API_List_Users_Endpoint( array(
4			'description' => 'List the users of a site.',
5			'group' => 'users',
6			'stat' => 'users:list',
7
8			'method' => 'GET',
9			'path' => '/sites/%s/users',
10			'path_labels' => array(
11			'$site' => '(int\|string) Site ID or domain',
12			),
13
14			'query_parameters' => array(
15			'number' => '(int=20) Limit the total number of authors returned.',
16			'offset' => '(int=0) The first n authors to be skipped in the returned array.',
17			'order' => array(
18			'DESC' => 'Return authors in descending order.',
19			'ASC' => 'Return authors in ascending order.',
20			),
21			'order_by' => array(
22			'ID' => 'Order by ID (default).',
23			'login' => 'Order by username.',
24			'nicename' => "Order by nicename.",
25			'email' => 'Order by author email address.',
26			'url' => 'Order by author URL.',
27			'registered' => 'Order by registered date.',
28			'display_name' => 'Order by display name.',
29			'post_count' => 'Order by number of posts published.',
30			),
31			'authors_only' => '(bool) Set to true to fetch authors only',
32			'type' => "(string) Specify the post type to query authors for. Only works when combined with the `authors_only` flag. Defaults to 'post'. Post types besides post and page need to be whitelisted using the <code>rest_api_allowed_post_types</code> filter.",
33			'search' => '(string) Find matching users.',
34			'search_columns' => "(array) Specify which columns to check for matching users. Can be any of 'ID', 'user_login', 'user_email', 'user_url', 'user_nicename', and 'display_name'. Only works when combined with `search` parameter.",
35			'role' => '(string) Specify a specific user role to fetch.'
36			),
37
38			'response_format' => array(
39			'found' => '(int) The total number of authors found that match the request (ignoring limits and offsets).',
40			'authors' => '(array:author) Array of author objects.',
41			),
42
43			'example_response' => '{
44			"found": 1,
45			"users": [
46			{
47			"ID": 78972699,
48			"login": "apiexamples",
49			"email": "[email protected]",
50			"name": "apiexamples",
51			"first_name": "",
52			"last_name": "",
53			"nice_name": "apiexamples",
54			"URL": "http://apiexamples.wordpress.com",
55			"avatar_URL": "https://1.gravatar.com/avatar/a2afb7b6c0e23e5d363d8612fb1bd5ad?s=96&d=identicon&r=G",
56			"profile_URL": "https://en.gravatar.com/apiexamples",
57			"site_ID": 82974409,
58			"roles": [
59			"administrator"
60			],
61			"is_super_admin": false
62			}
63			]
64			}',
65
66			'example_request' => 'https://public-api.wordpress.com/rest/v1/sites/82974409/users',
67			'example_request_data' => array(
68			'headers' => array(
69			'authorization' => 'Bearer YOUR_API_TOKEN'
70			),
71			)
72			) );
73
74			class WPCOM_JSON_API_List_Users_Endpoint extends WPCOM_JSON_API_Endpoint {
75
76			var $response_format = array(
77			'found' => '(int) The total number of authors found that match the request (ignoring limits and offsets).',
78			'users' => '(array:author) Array of user objects',
79			);
80
81			// /sites/%s/users/ -> $blog_id
82			function callback( $path = '', $blog_id = 0 ) {
83			$blog_id = $this->api->switch_to_blog_and_validate_user( $this->api->get_blog_id( $blog_id ) );
84			if ( is_wp_error( $blog_id ) ) {
85			return $blog_id;
86			}
87
88			$args = $this->query_args();
89
90			$authors_only = ( ! empty( $args['authors_only'] ) );
91
92			if ( $args['number'] < 1 ) {
93			$args['number'] = 20;
94			} elseif ( 1000 < $args['number'] ) {
95			return new WP_Error( 'invalid_number', 'The NUMBER parameter must be less than or equal to 1000.', 400 );
			0 ignored issues – show Unused Code introduced 2019-06-17 08:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this The call to `WP_Error::__construct()` has too many arguments starting with `'invalid_number'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
96			}
97
98			if ( $authors_only ) {
99			if ( empty( $args['type'] ) ) {
100			$args['type'] = 'post';
101			}
102
103			if ( ! $this->is_post_type_allowed( $args['type'] ) ) {
104			return new WP_Error( 'unknown_post_type', 'Unknown post type', 404 );
			0 ignored issues – show Unused Code introduced 2019-06-17 08:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this The call to `WP_Error::__construct()` has too many arguments starting with `'unknown_post_type'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
105			}
106
107			$post_type_object = get_post_type_object( $args['type'] );
108			if ( ! $post_type_object \|\| ! current_user_can( $post_type_object->cap->edit_others_posts ) ) {
109			return new WP_Error( 'unauthorized', 'User cannot view authors for specified post type', 403 );
			0 ignored issues – show Unused Code introduced 2019-06-17 08:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this The call to `WP_Error::__construct()` has too many arguments starting with `'unauthorized'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
110			}
111			} elseif ( ! current_user_can( 'list_users' ) ) {
112			return new WP_Error( 'unauthorized', 'User cannot view users for specified site', 403 );
			0 ignored issues – show Unused Code introduced 2019-06-17 08:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this The call to `WP_Error::__construct()` has too many arguments starting with `'unauthorized'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
113			}
114
115			$query = array(
116			'number' => $args['number'],
117			'offset' => $args['offset'],
118			'order' => $args['order'],
119			'orderby' => $args['order_by'],
120			'fields' => 'ID',
121			);
122
123			if ( $authors_only ) {
124			$query['who'] = 'authors';
125			}
126
127			if ( ! empty( $args['search'] ) ) {
128			$query['search'] = $args['search'];
129			}
130
131			if ( ! empty( $args['search_columns'] ) ) {
132			// this `user_search_columns` filter is necessary because WP_User_Query does not allow `display_name` as a search column
133			$this->search_columns = array_intersect( $args['search_columns'], array( 'ID', 'user_login', 'user_email', 'user_url', 'user_nicename', 'display_name' ) );
134			add_filter( 'user_search_columns', array( $this, 'api_user_override_search_columns' ), 10, 3 );
135			}
136
137			if ( ! empty( $args['role'] ) ) {
138			$query['role'] = $args['role'];
139			}
140
141			$user_query = new WP_User_Query( $query );
142
143			remove_filter( 'user_search_columns', array( $this, 'api_user_override_search_columns' ) );
144
145			$return = array();
146			foreach ( array_keys( $this->response_format ) as $key ) {
147			switch ( $key ) {
148			case 'found' :
149			$return[ $key ] = (int) $user_query->get_total();
150			break;
151			case 'users' :
152			$users = array();
153			$is_multisite = is_multisite();
154			foreach ( $user_query->get_results() as $u ) {
155			$the_user = $this->get_author( $u, true );
156			if ( $the_user && ! is_wp_error( $the_user ) ) {
157			$userdata = get_userdata( $u );
158			$the_user->roles = ! is_wp_error( $userdata ) ? array_values( $userdata->roles ) : array();
159			if ( $is_multisite ) {
160			$the_user->is_super_admin = user_can( $the_user->ID, 'manage_network' );
161			}
162			$users[] = $the_user;
163			}
164			}
165
166			$return[ $key ] = $users;
167			break;
168			}
169			}
170
171			return $return;
172			}
173
174			function api_user_override_search_columns( $search_columns, $search ) {
175			return $this->search_columns;
176			}
177			}
178

Automattic / jetpack

Push — update/dialogue-focus-on-conte... ( 9f1745...fa862f )

class.wpcom-json-api-list-users-endpoint.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like