Jetpack_JSON_API_Endpoint::validate_input() - Code Metrics - Inspection of "Uses sync settings for known importers" - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — update/import-sync-detection ( cc9b3b...d0bcf1 )

unknown

created 2019-04-29 19:30 UTC

Jetpack_JSON_API_Endpoint::validate_input() B

↳ Parent: Jetpack_JSON_API_Endpoint

Complexity

Conditions	7
Paths	10

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	7
nc	10
nop	1
dl	0
loc	21
rs	8.6506
c	0
b	0
f	0

<?php

include JETPACK__PLUGIN_DIR . '/modules/module-info.php';

/**
 * Base class for Jetpack Endpoints, has the validate_call helper function.
 */
abstract class Jetpack_JSON_API_Endpoint extends WPCOM_JSON_API_Endpoint {

	protected $needed_capabilities;
	protected $expected_actions = array();
	protected $action;


	public function callback( $path = '', $blog_id = 0, $object = null ) {
		if ( is_wp_error( $error = $this->validate_call( $blog_id, $this->needed_capabilities ) ) ) {
			return $error;
		}

		if ( is_wp_error( $error = $this->validate_input( $object ) ) ) {
			return $error;
		}

		if ( ! empty( $this->action ) ) {
			if( is_wp_error( $error = call_user_func( array( $this, $this->action ) ) ) ) {
				return $error;
			}
		}

		return $this->result();
	}

	abstract protected function result();

	protected function validate_input( $object ) {
		$args = $this->input();

		if( isset( $args['action'] ) && $args['action'] == 'update' ) {
			$this->action = 'update';
		}

		if ( preg_match( "/\/update\/?$/", $this->path ) ) {
			$this->action = 'update';

		} elseif( preg_match( "/\/install\/?$/", $this->path ) ) {
			$this->action = 'install';

		} elseif( ! empty( $args['action'] ) ) {
			if( ! in_array( $args['action'], $this->expected_actions ) ) {
				return new WP_Error( 'invalid_action', __( 'You must specify a valid action', 'jetpack' ) );
			}
			$this->action =  $args['action'];
		}
		return true;
	}

	/**
	 * Switches to the blog and checks current user capabilities.
	 * @return bool|WP_Error a WP_Error object or true if things are good.
	 */
	protected function validate_call( $_blog_id, $capability, $check_manage_active = true ) {
		$blog_id = $this->api->switch_to_blog_and_validate_user( $this->api->get_blog_id( $_blog_id ) );
		if ( is_wp_error( $blog_id ) ) {
			return $blog_id;
		}

		if ( is_wp_error( $error = $this->check_capability( $capability ) ) ) {
			return $error;
		}

		if ( $check_manage_active &&  'GET' !== $this->method && ! Jetpack::is_module_active( 'manage' ) ) {
			return new WP_Error( 'unauthorized_full_access', __( 'Full management mode is off for this site.', 'jetpack' ), 403 );
		}

		return true;
	}

	/**
	 * @param $capability
	 *
	 * @return bool|WP_Error
	 */
	protected function check_capability( $capability ) {
		if ( is_array( $capability ) ) {
			// the idea is that the we can pass in an array of capabilitie that the user needs to have before we allowing them to do something
			$capabilities = ( isset( $capability['capabilities'] ) ? $capability['capabilities'] : $capability );

			// We can pass in the number of conditions we must pass by default it is all.
			$must_pass = ( isset( $capability['must_pass'] ) && is_int( $capability['must_pass'] ) ? $capability['must_pass'] : count( $capabilities ) );

			$failed = array(); // store the failed capabilities
			$passed = 0; //

			foreach ( $capabilities as $cap ) {
				if ( current_user_can( $cap ) ) {
					$passed ++;
				} else {
					$failed[] = $cap;
				}
			}
			// Check that must have conditions is less then
			if ( $passed < $must_pass ) {
				return new WP_Error( 'unauthorized', sprintf( __( 'This user is not authorized to %s on this blog.', 'jetpack' ), implode( ', ', $failed ), 403 ) );
			}

		} else {
			if ( !current_user_can( $capability ) ) {
				return new WP_Error( 'unauthorized', sprintf( __( 'This user is not authorized to %s on this blog.', 'jetpack' ), $capability ), 403 );
			}
		}

		return true;
	}

}


1		<?php
2
3		include JETPACK__PLUGIN_DIR . '/modules/module-info.php';
4
5		/**
6		* Base class for Jetpack Endpoints, has the validate_call helper function.
7		*/
8		abstract class Jetpack_JSON_API_Endpoint extends WPCOM_JSON_API_Endpoint {
9
10		protected $needed_capabilities;
11		protected $expected_actions = array();
12		protected $action;
13
14
15		public function callback( $path = '', $blog_id = 0, $object = null ) {
16		if ( is_wp_error( $error = $this->validate_call( $blog_id, $this->needed_capabilities ) ) ) {
17		return $error;
18		}
19
20		if ( is_wp_error( $error = $this->validate_input( $object ) ) ) {
21		return $error;
22		}
23
24		if ( ! empty( $this->action ) ) {
25		if( is_wp_error( $error = call_user_func( array( $this, $this->action ) ) ) ) {
26		return $error;
27		}
28		}
29
30		return $this->result();
31		}
32
33		abstract protected function result();
34
35		protected function validate_input( $object ) {
36		$args = $this->input();
37
38		if( isset( $args['action'] ) && $args['action'] == 'update' ) {
39		$this->action = 'update';
40		}
41
42		if ( preg_match( "/\/update\/?$/", $this->path ) ) {
43		$this->action = 'update';
44
45		} elseif( preg_match( "/\/install\/?$/", $this->path ) ) {
46		$this->action = 'install';
47
48		} elseif( ! empty( $args['action'] ) ) {
49		if( ! in_array( $args['action'], $this->expected_actions ) ) {
50		return new WP_Error( 'invalid_action', __( 'You must specify a valid action', 'jetpack' ) );
51		}
52		$this->action = $args['action'];
53		}
54		return true;
55		}
56
57		/**
58		* Switches to the blog and checks current user capabilities.
59		* @return bool\|WP_Error a WP_Error object or true if things are good.
60		*/
61		protected function validate_call( $_blog_id, $capability, $check_manage_active = true ) {
62		$blog_id = $this->api->switch_to_blog_and_validate_user( $this->api->get_blog_id( $_blog_id ) );
63		if ( is_wp_error( $blog_id ) ) {
64		return $blog_id;
65		}
66
67		if ( is_wp_error( $error = $this->check_capability( $capability ) ) ) {
68		return $error;
69		}
70
71		if ( $check_manage_active && 'GET' !== $this->method && ! Jetpack::is_module_active( 'manage' ) ) {
72		return new WP_Error( 'unauthorized_full_access', __( 'Full management mode is off for this site.', 'jetpack' ), 403 );
73		}
74
75		return true;
76		}
77
78		/**
79		* @param $capability
80		*
81		* @return bool\|WP_Error
82		*/
83		protected function check_capability( $capability ) {
84		if ( is_array( $capability ) ) {
85		// the idea is that the we can pass in an array of capabilitie that the user needs to have before we allowing them to do something
86		$capabilities = ( isset( $capability['capabilities'] ) ? $capability['capabilities'] : $capability );
87
88		// We can pass in the number of conditions we must pass by default it is all.
89		$must_pass = ( isset( $capability['must_pass'] ) && is_int( $capability['must_pass'] ) ? $capability['must_pass'] : count( $capabilities ) );
90
91		$failed = array(); // store the failed capabilities
92		$passed = 0; //
93
94		foreach ( $capabilities as $cap ) {
95		if ( current_user_can( $cap ) ) {
96		$passed ++;
97		} else {
98		$failed[] = $cap;
99		}
100		}
101		// Check that must have conditions is less then
102	View Code Duplication	if ( $passed < $must_pass ) {
103		return new WP_Error( 'unauthorized', sprintf( __( 'This user is not authorized to %s on this blog.', 'jetpack' ), implode( ', ', $failed ), 403 ) );
104		}
105
106	View Code Duplication	} else {
107		if ( !current_user_can( $capability ) ) {
108		return new WP_Error( 'unauthorized', sprintf( __( 'This user is not authorized to %s on this blog.', 'jetpack' ), $capability ), 403 );
109		}
110		}
111
112		return true;
113		}
114
115		}
116

Automattic / jetpack

Push — update/import-sync-detection ( cc9b3b...d0bcf1 )

Jetpack_JSON_API_Endpoint::validate_input() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like