Merge pull request woocommerce#11882 from woothemes/settings-and-api-…
…fixes

Settings & API Fixes
justinshreve authored Sep 9, 2016
2 parents 9a37843 + 6fafbe8 commit c8ddca0
Showing 17 changed files with 686 additions and 110 deletions.
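--- a/includes/abstracts/abstract-wc-rest-controller.php
+++ b/includes/abstracts/abstract-wc-rest-controller.php
@@ -185,6 +185,140 @@ public function batch_items( $request ) {
 return $response;
 }
 
+/**
+* Validate a text value for a text based setting.
+*
+* @since 2.7.0
+* @param string $value
+* @param array $setting
+* @return string
+*/
+public function validate_setting_text_field( $value, $setting ) {
+$value = is_null( $value ) ? '' : $value;
+return wp_kses_post( trim( stripslashes( $value ) ) );
+return $value;
+}
+
+/**
+* Validate select based settings.
+*
+* @since 2.7.0
+* @param string $value
+* @param array $setting
+* @return string|WP_Error
+*/
+public function validate_setting_select_field( $value, $setting ) {
+if ( array_key_exists( $value, $setting['options'] ) ) {
+return $value;
+} else {
+return new WP_Error( 'rest_setting_value_invalid', __( 'An invalid setting value was passed.', 'woocommerce' ), array( 'status' => 400 ) );
+}
+}
+
+/**
+* Validate multiselect based settings.
+*
+* @since 2.7.0
+* @param array $values
+* @param array $setting
+* @return string|WP_Error
+*/
+public function validate_setting_multiselect_field( $values, $setting ) {
+if ( empty( $values ) ) {
+return array();
+}
+
+if ( ! is_array( $values ) ) {
+return new WP_Error( 'rest_setting_value_invalid', __( 'An invalid setting value was passed.', 'woocommerce' ), array( 'status' => 400 ) );
+}
+
+$final_values = array();
+foreach ( $values as $value ) {
+if ( array_key_exists( $value, $setting['options'] ) ) {
+$final_values[] = $value;
+}
+}
+
+return $final_values;
+}
+
+/**
+* Validate image_width based settings.
+*
+* @since 2.7.0
+* @param array $value
+* @param array $setting
+* @return string|WP_Error
+*/
+public function validate_setting_image_width_field( $values, $setting ) {
+if ( ! is_array( $values ) ) {
+return new WP_Error( 'rest_setting_value_invalid', __( 'An invalid setting value was passed.', 'woocommerce' ), array( 'status' => 400 ) );
+}
+
+$current = $setting['value'];
+if ( isset( $values['width'] ) ) {
+$current['width'] = intval( $values['width'] );
+}
+if ( isset( $values['height'] ) ) {
+$current['height'] = intval( $values['height'] );
+}
+if ( isset( $values['crop'] ) ) {
+$current['crop'] = (bool) $values['crop'];
+}
+return $current;
+}
+
+/**
+* Validate radio based settings.
+*
+* @since 2.7.0
+* @param string $value
+* @param array $setting
+* @return string|WP_Error
+*/
+public function validate_setting_radio_field( $value, $setting ) {
+return $this->validate_setting_select_field( $value, $setting );
+}
+
+/**
+* Validate checkbox based settings.
+*
+* @since 2.7.0
+* @param string $value
+* @param array $setting
+* @return string|WP_Error
+*/
+public function validate_setting_checkbox_field( $value, $setting ) {
+if ( in_array( $value, array( 'yes', 'no' ) ) ) {
+return $value;
+} elseif ( empty( $value ) ) {
+$value = isset( $setting['default'] ) ? $setting['default'] : 'no';
+return $value;
+} else {
+return new WP_Error( 'rest_setting_value_invalid', __( 'An invalid setting value was passed.', 'woocommerce' ), array( 'status' => 400 ) );
+}
+}
+
+/**
+* Validate textarea based settings.
+*
+* @since 2.7.0
+* @param string $value
+* @param array $setting
+* @return string
+*/
+public function validate_setting_textarea_field( $value, $setting ) {
+$value = is_null( $value ) ? '' : $value;
+return wp_kses( trim( stripslashes( $value ) ),
+array_merge(
+array(
+'iframe' => array( 'src' => true, 'style' => true, 'id' => true, 'class' => true ),
+),
+wp_kses_allowed_html( 'post' )
+)
+);
+}
+
 /**
 * Get the batch schema, conforming to JSON Schema.
 *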
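Review bot: The `in_array( $value, array( 'yes', 'no' ) )` check in `validate_setting_checkbox_field` compares loosely, so a JSON boolean `true` (and, on PHP versions before 8, the integer `0`) matches and is returned unchanged instead of being normalised or rejected; pass the strict flag, `in_array( $value, array( 'yes', 'no' ), true )`. `validate_setting_select_field` and the loop in `validate_setting_multiselect_field` hand the request value straight to `array_key_exists()`, which raises a warning or a TypeError (depending on the PHP version) for an array key, so a guard such as `if ( ! is_scalar( $value ) ) { return new WP_Error( ... ); }` belongs before the lookup. `validate_setting_textarea_field` widens the `post` allowlist with `iframe` and its `src`/`style` attributes, which deserves a comment stating which capability is expected to gate this path and where the stored value is rendered. The second `return $value;` in `validate_setting_text_field` is unreachable and can be dropped.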
Expand Up @@ -46,7 +46,7 @@ protected function get_zone( $zone_id ) {
$zone = WC_Shipping_Zones::get_zone_by( 'zone_id', $zone_id );

if ( false === $zone ) {
return new WP_Error( 'woocommerce_rest_shipping_zone_invalid', __( "Resource doesn't exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_shipping_zone_invalid', __( 'Resource does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

return $zone;
8 changes: 4 additions & 4 deletions includes/abstracts/abstract-wc-rest-terms-controller.php
Expand Up @@ -217,15 +217,15 @@ protected function check_permissions( $request, $context = 'read' ) {
// Get taxonomy.
$taxonomy = $this->get_taxonomy( $request );
if ( ! $taxonomy ) {
return new WP_Error( 'woocommerce_rest_taxonomy_invalid', __( "Taxonomy doesn't exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_taxonomy_invalid', __( 'Taxonomy does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

// Check permissions for a single term.
if ( $id = intval( $request['id'] ) ) {
$term = get_term( $id, $taxonomy );

if ( ! $term || $term->taxonomy !== $taxonomy ) {
return new WP_Error( 'woocommerce_rest_term_invalid', __( "Resource doesn't exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_term_invalid', __( 'Resource does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

return wc_rest_check_product_term_permissions( $taxonomy, $context, $term->term_id );
Expand Down Expand Up @@ -370,7 +370,7 @@ public function create_item( $request ) {
$parent = get_term( (int) $request['parent'], $taxonomy );

if ( ! $parent ) {
return new WP_Error( 'woocommerce_rest_term_invalid', __( "Parent resource doesn't exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_term_invalid', __( 'Parent resource does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

$args['parent'] = $parent->term_id;
Expand Down Expand Up @@ -474,7 +474,7 @@ public function update_item( $request ) {
$parent = get_term( (int) $request['parent'], $taxonomy );

if ( ! $parent ) {
return new WP_Error( 'woocommerce_rest_term_invalid', __( "Parent resource doesn't exist.", 'woocommerce' ), array( 'status' => 400 ) );
return new WP_Error( 'woocommerce_rest_term_invalid', __( 'Parent resource does not exist.', 'woocommerce' ), array( 'status' => 400 ) );
}

$prepared_args['parent'] = $parent->term_id;
Expand Up @@ -61,7 +61,7 @@ public function get_items_permissions_check( $request ) {
$customer = get_user_by( 'id', (int) $request['customer_id'] );

if ( ! $customer ) {
return new WP_Error( "woocommerce_rest_customer_invalid", __( "Resource doesn't exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_customer_invalid', __( 'Resource does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

if ( ! wc_rest_check_user_permissions( 'read', $customer->id ) ) {
23 changes: 19 additions & 4 deletions includes/api/class-wc-rest-payment-gateways-controller.php
Expand Up @@ -133,7 +133,7 @@ public function get_item( $request ) {
$gateway = $this->get_gateway( $request );

if ( is_null( $gateway ) ) {
return new WP_Error( 'woocommerce_rest_payment_gateway_invalid', __( "Resource does not exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_payment_gateway_invalid', __( 'Resource does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

$gateway = $this->prepare_item_for_response( $gateway, $request );
Expand All @@ -150,18 +150,33 @@ public function update_item( $request ) {
$gateway = $this->get_gateway( $request );

if ( is_null( $gateway ) ) {
return new WP_Error( 'woocommerce_rest_payment_gateway_invalid', __( "Resource does not exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_payment_gateway_invalid', __( 'Resource does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

// Update settings if present
if ( isset( $request['settings'] ) ) {
$gateway->init_form_fields();
$settings = $gateway->settings;
$settings = $gateway->settings;
$errors_found = false;
foreach ( $gateway->form_fields as $key => $field ) {
if ( isset( $request['settings'][ $key ] ) ) {
$settings[ $key ] = $request['settings'][ $key ];
if ( is_callable( array( $this, 'validate_setting_' . $field['type'] . '_field' ) ) ) {
$value = $this->{'validate_setting_' . $field['type'] . '_field'}( $request['settings'][ $key ], $field );
} else {
$value = $this->validate_setting_text_field( $request['settings'][ $key ], $field );
}
if ( is_wp_error( $value ) ) {
$errors_found = true;
break;
}
$settings[ $key ] = $value;
}
}

if ( $errors_found ) {
return new WP_Error( 'rest_setting_value_invalid', __( 'An invalid setting value was passed.', 'woocommerce' ), array( 'status' => 400 ) );
}

$gateway->settings = $settings;
update_option( $gateway->get_option_key(), apply_filters( 'woocommerce_gateway_' . $gateway->id . '_settings_values', $settings, $gateway ) );
}
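Review bot: The validator dispatch in `update_item` reads `$field['type']` without checking that the key is set, and every field type without a matching `validate_setting_*_field` method falls through to `validate_setting_text_field`, so a non-string request value reaches `stripslashes()` and a value that is not HTML-like text (a password or key field, for example) could be altered by `wp_kses_post()` before it is saved. Resolve the type once with a default, `$type = isset( $field['type'] ) ? $field['type'] : 'text';`, and reject non-scalar input before the text fallback. The validator's own `WP_Error` is discarded in favour of the `$errors_found` flag; `if ( is_wp_error( $value ) ) { return $value; }` inside the loop would keep the specific error and remove the flag. `update_item` begins and ends outside this hunk, so the permission check guarding this `update_option()` write is not visible here.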
8 changes: 4 additions & 4 deletions includes/api/class-wc-rest-product-attributes-controller.php
Expand Up @@ -143,7 +143,7 @@ public function create_item_permissions_check( $request ) {
*/
public function get_item_permissions_check( $request ) {
if ( ! $this->get_taxonomy( $request ) ) {
return new WP_Error( "woocommerce_rest_taxonomy_invalid", __( "Resource doesn't exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_taxonomy_invalid', __( 'Resource does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

if ( ! wc_rest_check_manager_permissions( 'attributes', 'read' ) ) {
Expand All @@ -161,7 +161,7 @@ public function get_item_permissions_check( $request ) {
*/
public function update_item_permissions_check( $request ) {
if ( ! $this->get_taxonomy( $request ) ) {
return new WP_Error( "woocommerce_rest_taxonomy_invalid", __( "Resource doesn't exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_taxonomy_invalid', __( 'Resource does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

if ( ! wc_rest_check_manager_permissions( 'attributes', 'edit' ) ) {
Expand All @@ -179,7 +179,7 @@ public function update_item_permissions_check( $request ) {
*/
public function delete_item_permissions_check( $request ) {
if ( ! $this->get_taxonomy( $request ) ) {
return new WP_Error( "woocommerce_rest_taxonomy_invalid", __( "Resource doesn't exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_taxonomy_invalid', __( 'Resource does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

if ( ! wc_rest_check_manager_permissions( 'attributes', 'delete' ) ) {
Expand Down Expand Up @@ -617,7 +617,7 @@ protected function get_attribute( $id ) {
", $id ) );

if ( is_wp_error( $attribute ) || is_null( $attribute ) ) {
return new WP_Error( 'woocommerce_rest_attribute_invalid', __( "Resource doesn't exist.", 'woocommerce' ), array( 'status' => 404 ) );
return new WP_Error( 'woocommerce_rest_attribute_invalid', __( 'Resource does not exist.', 'woocommerce' ), array( 'status' => 404 ) );
}

return $attribute;
2 changes: 1 addition & 1 deletion includes/api/class-wc-rest-settings-controller.php
Expand Up @@ -185,7 +185,7 @@ public function get_items_permissions_check( $request ) {
public function get_item_schema() {
$schema = array(
'$schema' => 'http://json-schema.org/draft-04/schema#',
'title' => 'settings-group',
'title' => 'setting_group',
'type' => 'object',
'properties' => array(
'id' => array(