|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* The Backup Rest Controller class. |
|
4
|
|
|
* Registers the REST routes for Backup. |
|
5
|
|
|
* |
|
6
|
|
|
* @package automattic/jetpack-backup |
|
7
|
|
|
*/ |
|
8
|
|
|
|
|
9
|
|
|
namespace Automattic\Jetpack\Backup; |
|
10
|
|
|
|
|
11
|
|
|
use Automattic\Jetpack\Connection\Rest_Authentication; |
|
12
|
|
|
use WP_Error; |
|
13
|
|
|
use WP_REST_Request; |
|
14
|
|
|
use WP_REST_Server; |
|
15
|
|
|
|
|
16
|
|
|
/** |
|
17
|
|
|
* Registers the REST routes for Backup. |
|
18
|
|
|
*/ |
|
19
|
|
|
class REST_Controller { |
|
20
|
|
|
/** |
|
21
|
|
|
* Registers the REST routes for Backup. |
|
22
|
|
|
* |
|
23
|
|
|
* @access public |
|
24
|
|
|
* @static |
|
25
|
|
|
*/ |
|
26
|
|
|
public static function register_rest_routes() { |
|
27
|
|
|
// Install a Helper Script to assist Jetpack Backup fetch data. |
|
28
|
|
|
register_rest_route( |
|
29
|
|
|
'jetpack/v4', |
|
30
|
|
|
'/backup-helper-script', |
|
31
|
|
|
array( |
|
32
|
|
|
'methods' => WP_REST_Server::CREATABLE, |
|
33
|
|
|
'callback' => __CLASS__ . '::install_backup_helper_script', |
|
34
|
|
|
'permission_callback' => __CLASS__ . '::backup_helper_script_permissions_callback', |
|
35
|
|
|
'args' => array( |
|
36
|
|
|
'helper' => array( |
|
37
|
|
|
'description' => __( 'base64 encoded Backup Helper Script body.', 'jetpack' ), |
|
38
|
|
|
'type' => 'string', |
|
39
|
|
|
'required' => true, |
|
40
|
|
|
), |
|
41
|
|
|
), |
|
42
|
|
|
) |
|
43
|
|
|
); |
|
44
|
|
|
|
|
45
|
|
|
// Delete a Backup Helper Script. |
|
46
|
|
|
register_rest_route( |
|
47
|
|
|
'jetpack/v4', |
|
48
|
|
|
'/backup-helper-script', |
|
49
|
|
|
array( |
|
50
|
|
|
'methods' => WP_REST_Server::DELETABLE, |
|
51
|
|
|
'callback' => __CLASS__ . '::delete_backup_helper_script', |
|
52
|
|
|
'permission_callback' => __CLASS__ . '::backup_helper_script_permissions_callback', |
|
53
|
|
|
'args' => array( |
|
54
|
|
|
'path' => array( |
|
55
|
|
|
'description' => __( 'Path to Backup Helper Script', 'jetpack' ), |
|
56
|
|
|
'type' => 'string', |
|
57
|
|
|
'required' => true, |
|
58
|
|
|
), |
|
59
|
|
|
), |
|
60
|
|
|
) |
|
61
|
|
|
); |
|
62
|
|
|
} |
|
63
|
|
|
|
|
64
|
|
|
/** |
|
65
|
|
|
* The Backup Helper Script should only be installed / removed via site-level authentication. |
|
66
|
|
|
* This means that the corresponding endpoints can only be accessible from WPCOM. |
|
67
|
|
|
* |
|
68
|
|
|
* @access public |
|
69
|
|
|
* @static |
|
70
|
|
|
* |
|
71
|
|
|
* @return bool|WP_Error True if a blog token was used to sign the request, WP_Error otherwise. |
|
72
|
|
|
*/ |
|
73
|
|
View Code Duplication |
public static function backup_helper_script_permissions_callback() { |
|
74
|
|
|
if ( Rest_Authentication::is_signed_with_blog_token() ) { |
|
75
|
|
|
return true; |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
|
|
$error_msg = esc_html__( |
|
79
|
|
|
'You are not allowed to perform this action.', |
|
80
|
|
|
'jetpack' |
|
81
|
|
|
); |
|
82
|
|
|
|
|
83
|
|
|
return new WP_Error( 'rest_forbidden', $error_msg, array( 'status' => rest_authorization_required_code() ) ); |
|
|
|
|
|
|
84
|
|
|
} |
|
85
|
|
|
|
|
86
|
|
|
/** |
|
87
|
|
|
* Install the Backup Helper Script. |
|
88
|
|
|
* |
|
89
|
|
|
* @access public |
|
90
|
|
|
* @static |
|
91
|
|
|
* |
|
92
|
|
|
* @param WP_REST_Request $request The request sent to the WP REST API. |
|
93
|
|
|
* @return array|WP_Error Returns the result of Helper Script installation. Returns one of: |
|
94
|
|
|
* - WP_Error on failure, or |
|
95
|
|
|
* - An array with installation info on success: |
|
96
|
|
|
* 'path' (string) The sinstallation path. |
|
97
|
|
|
* 'url' (string) The access url. |
|
98
|
|
|
* 'abspath' (string) The abspath. |
|
99
|
|
|
*/ |
|
100
|
|
|
public static function install_backup_helper_script( $request ) { |
|
101
|
|
|
$helper_script = $request->get_param( 'helper' ); |
|
102
|
|
|
|
|
103
|
|
|
// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode |
|
104
|
|
|
$helper_script = base64_decode( $helper_script ); |
|
105
|
|
|
if ( ! $helper_script ) { |
|
106
|
|
|
return new WP_Error( 'invalid_args', __( 'Helper script body must be base64 encoded', 'jetpack' ), 400 ); |
|
|
|
|
|
|
107
|
|
|
} |
|
108
|
|
|
|
|
109
|
|
|
$installation_info = Helper_Script_Manager::install_helper_script( $helper_script ); |
|
110
|
|
|
Helper_Script_Manager::cleanup_expired_helper_scripts(); |
|
111
|
|
|
|
|
112
|
|
|
// Include ABSPATH with successful result. |
|
113
|
|
|
if ( ! is_wp_error( $installation_info ) ) { |
|
114
|
|
|
$installation_info['abspath'] = ABSPATH; |
|
115
|
|
|
} |
|
116
|
|
|
|
|
117
|
|
|
return rest_ensure_response( $installation_info ); |
|
118
|
|
|
} |
|
119
|
|
|
|
|
120
|
|
|
/** |
|
121
|
|
|
* Delete a Backup Helper Script. |
|
122
|
|
|
* |
|
123
|
|
|
* @access public |
|
124
|
|
|
* @static |
|
125
|
|
|
* |
|
126
|
|
|
* @param WP_REST_Request $request The request sent to the WP REST API. |
|
127
|
|
|
* @return array An array with 'success' key indicating the result of the delete operation. |
|
128
|
|
|
*/ |
|
129
|
|
|
public static function delete_backup_helper_script( $request ) { |
|
130
|
|
|
$path_to_helper_script = $request->get_param( 'path' ); |
|
131
|
|
|
|
|
132
|
|
|
$deleted = Helper_Script_Manager::delete_helper_script( $path_to_helper_script ); |
|
133
|
|
|
Helper_Script_Manager::cleanup_expired_helper_scripts(); |
|
134
|
|
|
|
|
135
|
|
|
return rest_ensure_response( |
|
136
|
|
|
array( |
|
137
|
|
|
'success' => $deleted, |
|
138
|
|
|
) |
|
139
|
|
|
); |
|
140
|
|
|
} |
|
141
|
|
|
} |
|
142
|
|
|
|
Automattic /
jetpack
Loading history...
This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.
If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.
In this case you can add the
@ignorePhpDoc annotation to the duplicate definition and it will be ignored.