Edit File by line

<?php

[0] Fix | Delete

[1] Fix | Delete

namespace WPForms\Integrations\Elementor;

[2] Fix | Delete

[3] Fix | Delete

use WP_Error;

[4] Fix | Delete

use WP_REST_Request;

[5] Fix | Delete

use WP_REST_Response; // phpcs:ignore WPForms.PHP.UseStatement.UnusedUseStatement

[6] Fix | Delete

use WPForms\Frontend\CSSVars;

[7] Fix | Delete

[8] Fix | Delete

/**

[9] Fix | Delete

* Rest API for Elementor Modern widget.

[10] Fix | Delete

[11] Fix | Delete

* @since 1.9.6

[12] Fix | Delete

[13] Fix | Delete

class RestApi {

[14] Fix | Delete

[15] Fix | Delete

/**

[16] Fix | Delete

* Route prefix.

[17] Fix | Delete

[18] Fix | Delete

* @since 1.9.6

[19] Fix | Delete

[20] Fix | Delete

* @var string

[21] Fix | Delete

[22] Fix | Delete

public const ROUTE_NAMESPACE = '/wpforms/v1/';

[23] Fix | Delete

[24] Fix | Delete

/**

[25] Fix | Delete

* ThemesData class instance.

[26] Fix | Delete

[27] Fix | Delete

* @since 1.9.6

[28] Fix | Delete

[29] Fix | Delete

* @var CSSVars

[30] Fix | Delete

[31] Fix | Delete

private $themes_data;

[32] Fix | Delete

[33] Fix | Delete

/**

[34] Fix | Delete

* Initialize class.

[35] Fix | Delete

[36] Fix | Delete

* @since 1.9.6

[37] Fix | Delete

[38] Fix | Delete

* @param Widget|mixed $widget_obj Widget object.

[39] Fix | Delete

* @param ThemesData|mixed $themes_data ThemesData object.

[40] Fix | Delete

[41] Fix | Delete

public function __construct( $widget_obj, $themes_data ) {

[42] Fix | Delete

[43] Fix | Delete

if ( ! $widget_obj || ! $themes_data || ! wpforms_is_wpforms_rest() ) {

[44] Fix | Delete

return;

[45] Fix | Delete

}

[46] Fix | Delete

[47] Fix | Delete

$this->themes_data = $themes_data;

[48] Fix | Delete

[49] Fix | Delete

$this->hooks();

[50] Fix | Delete

}

[51] Fix | Delete

[52] Fix | Delete

/**

[53] Fix | Delete

* Hooks.

[54] Fix | Delete

[55] Fix | Delete

* @since 1.9.6

[56] Fix | Delete

[57] Fix | Delete

private function hooks(): void {

[58] Fix | Delete

[59] Fix | Delete

add_action( 'rest_api_init', [ $this, 'register_api_routes' ], 20 );

[60] Fix | Delete

}

[61] Fix | Delete

[62] Fix | Delete

/**

[63] Fix | Delete

* Register API routes for Elementor Modern widget.

[64] Fix | Delete

[65] Fix | Delete

* @since 1.9.6

[66] Fix | Delete

[67] Fix | Delete

public function register_api_routes() {

[68] Fix | Delete

[69] Fix | Delete

/**

[70] Fix | Delete

* Register routes with WordPress.

[71] Fix | Delete

[72] Fix | Delete

* @see https://developer.wordpress.org/reference/functions/register_rest_route/

[73] Fix | Delete

[74] Fix | Delete

register_rest_route(

[75] Fix | Delete

self::ROUTE_NAMESPACE,

[76] Fix | Delete

'/elementor/themes/',

[77] Fix | Delete

[

[78] Fix | Delete

'methods' => 'GET',

[79] Fix | Delete

'callback' => [ $this, 'get_themes' ],

[80] Fix | Delete

'permission_callback' => [ $this, 'permissions_check' ],

[81] Fix | Delete

]

[82] Fix | Delete

);

[83] Fix | Delete

[84] Fix | Delete

register_rest_route(

[85] Fix | Delete

self::ROUTE_NAMESPACE,

[86] Fix | Delete

'/elementor/themes/custom/',

[87] Fix | Delete

[

[88] Fix | Delete

'methods' => 'POST',

[89] Fix | Delete

'callback' => [ $this, 'save_themes' ],

[90] Fix | Delete

'permission_callback' => [ $this, 'admin_permissions_check' ],

[91] Fix | Delete

]

[92] Fix | Delete

);

[93] Fix | Delete

}

[94] Fix | Delete

[95] Fix | Delete

/**

[96] Fix | Delete

* Check if a user has permission to access private data.

[97] Fix | Delete

[98] Fix | Delete

* @since 1.9.6

[99] Fix | Delete

[100] Fix | Delete

* @return true|WP_Error True if a user has permission.

[101] Fix | Delete

[102] Fix | Delete

public function permissions_check() {

[103] Fix | Delete

[104] Fix | Delete

// Restrict endpoint to only users who have the edit_posts capability.

[105] Fix | Delete

if ( ! current_user_can( 'edit_posts' ) ) {

[106] Fix | Delete

return new WP_Error( 'rest_forbidden', esc_html__( 'This route is private.', 'wpforms-lite' ), [ 'status' => 401 ] );

[107] Fix | Delete

}

[108] Fix | Delete

[109] Fix | Delete

return true;

[110] Fix | Delete

}

[111] Fix | Delete

[112] Fix | Delete

/**

[113] Fix | Delete

* Check if a user has admin permissions.

[114] Fix | Delete

[115] Fix | Delete

* @since 1.9.6

[116] Fix | Delete

[117] Fix | Delete

* @return true|WP_Error True if a user has permission.

[118] Fix | Delete

[119] Fix | Delete

public function admin_permissions_check() {

[120] Fix | Delete

[121] Fix | Delete

// Restrict endpoint to only users who have the manage_options capability.

[122] Fix | Delete

if ( ! current_user_can( 'manage_options' ) ) {

[123] Fix | Delete

return new WP_Error( 'rest_forbidden', esc_html__( 'This route is accessible only to administrators.', 'wpforms-lite' ), [ 'status' => 401 ] );

[124] Fix | Delete

}

[125] Fix | Delete

[126] Fix | Delete

return true;

[127] Fix | Delete

}

[128] Fix | Delete

[129] Fix | Delete

/**

[130] Fix | Delete

* Return themes as a protected WP_REST_Response object.

[131] Fix | Delete

[132] Fix | Delete

* @since 1.9.6

[133] Fix | Delete

[134] Fix | Delete

* @return WP_Error|WP_REST_Response

[135] Fix | Delete

[136] Fix | Delete

public function get_themes() {

[137] Fix | Delete

[138] Fix | Delete

$custom_themes = $this->themes_data->get_custom_themes();

[139] Fix | Delete

$wpforms_themes = $this->themes_data->get_wpforms_themes();

[140] Fix | Delete

[141] Fix | Delete

return rest_ensure_response(

[142] Fix | Delete

[

[143] Fix | Delete

'custom' => ! empty( $custom_themes ) ? $custom_themes : null,

[144] Fix | Delete

'wpforms' => ! empty( $wpforms_themes ) ? $wpforms_themes : null,

[145] Fix | Delete

]

[146] Fix | Delete

);

[147] Fix | Delete

}

[148] Fix | Delete

[149] Fix | Delete

/**

[150] Fix | Delete

* Save custom themes.

[151] Fix | Delete

[152] Fix | Delete

* @since 1.9.6

[153] Fix | Delete

[154] Fix | Delete

* @param WP_REST_Request $request Request object.

[155] Fix | Delete

[156] Fix | Delete

* @return WP_Error|WP_REST_Response

[157] Fix | Delete

[158] Fix | Delete

public function save_themes( WP_REST_Request $request ) {

[159] Fix | Delete

[160] Fix | Delete

$custom_themes = (array) ( $request->get_param( 'customThemes' ) ?? [] );

[161] Fix | Delete

[162] Fix | Delete

// Save custom themes data and return REST response.

[163] Fix | Delete

$result = $this->themes_data->update_custom_themes_file( $custom_themes );

[164] Fix | Delete

[165] Fix | Delete

if ( ! $result ) {

[166] Fix | Delete

return rest_ensure_response(

[167] Fix | Delete

[

[168] Fix | Delete

'result' => false,

[169] Fix | Delete

'error' => esc_html__( 'Can\'t save theme data.', 'wpforms-lite' ),

[170] Fix | Delete

]

[171] Fix | Delete

);

[172] Fix | Delete

}

[173] Fix | Delete

[174] Fix | Delete

return rest_ensure_response( [ 'result' => true ] );

[175] Fix | Delete

}

[176] Fix | Delete

}

[177] Fix | Delete

[178] Fix | Delete