Edit File by line

<?php

[0] Fix | Delete

[1] Fix | Delete

namespace WPForms\Integrations\Gutenberg;

[2] Fix | Delete

[3] Fix | Delete

use WP_Error;

[4] Fix | Delete

use WP_REST_Request; // phpcs:ignore WPForms.PHP.UseStatement.UnusedUseStatement

[5] Fix | Delete

use WP_REST_Response; // phpcs:ignore WPForms.PHP.UseStatement.UnusedUseStatement

[6] Fix | Delete

[7] Fix | Delete

/**

[8] Fix | Delete

* Rest API for Gutenberg block.

[9] Fix | Delete

[10] Fix | Delete

* @since 1.8.8

[11] Fix | Delete

[12] Fix | Delete

class RestApi {

[13] Fix | Delete

[14] Fix | Delete

/**

[15] Fix | Delete

* Route prefix.

[16] Fix | Delete

[17] Fix | Delete

* @since 1.8.8

[18] Fix | Delete

[19] Fix | Delete

* @var string

[20] Fix | Delete

[21] Fix | Delete

const ROUTE_NAMESPACE = '/wpforms/v1/';

[22] Fix | Delete

[23] Fix | Delete

/**

[24] Fix | Delete

* FormSelector class instance.

[25] Fix | Delete

[26] Fix | Delete

* @since 1.8.8

[27] Fix | Delete

[28] Fix | Delete

* @var FormSelector

[29] Fix | Delete

[30] Fix | Delete

private $form_selector_obj;

[31] Fix | Delete

[32] Fix | Delete

/**

[33] Fix | Delete

* ThemesData class instance.

[34] Fix | Delete

[35] Fix | Delete

* @since 1.8.8

[36] Fix | Delete

[37] Fix | Delete

* @var ThemesData

[38] Fix | Delete

[39] Fix | Delete

private $themes_data_obj;

[40] Fix | Delete

[41] Fix | Delete

/**

[42] Fix | Delete

* Initialize class.

[43] Fix | Delete

[44] Fix | Delete

* @since 1.8.8

[45] Fix | Delete

[46] Fix | Delete

* @param FormSelector|mixed $form_selector_obj FormSelector object.

[47] Fix | Delete

* @param ThemesData|mixed $themes_data_obj ThemesData object.

[48] Fix | Delete

[49] Fix | Delete

public function __construct( $form_selector_obj, $themes_data_obj ) {

[50] Fix | Delete

[51] Fix | Delete

if ( ! $form_selector_obj || ! $themes_data_obj || ! wpforms_is_wpforms_rest() ) {

[52] Fix | Delete

return;

[53] Fix | Delete

}

[54] Fix | Delete

[55] Fix | Delete

$this->form_selector_obj = $form_selector_obj;

[56] Fix | Delete

$this->themes_data_obj = $themes_data_obj;

[57] Fix | Delete

[58] Fix | Delete

$this->hooks();

[59] Fix | Delete

}

[60] Fix | Delete

[61] Fix | Delete

/**

[62] Fix | Delete

* Hooks.

[63] Fix | Delete

[64] Fix | Delete

* @since 1.8.8

[65] Fix | Delete

[66] Fix | Delete

private function hooks() {

[67] Fix | Delete

[68] Fix | Delete

add_action( 'rest_api_init', [ $this, 'register_api_routes' ], 20 );

[69] Fix | Delete

}

[70] Fix | Delete

[71] Fix | Delete

/**

[72] Fix | Delete

* Register API routes for Gutenberg block.

[73] Fix | Delete

[74] Fix | Delete

* @since 1.8.8

[75] Fix | Delete

[76] Fix | Delete

public function register_api_routes() {

[77] Fix | Delete

[78] Fix | Delete

/**

[79] Fix | Delete

* Register routes with WordPress.

[80] Fix | Delete

[81] Fix | Delete

* @see https://developer.wordpress.org/reference/functions/register_rest_route/

[82] Fix | Delete

[83] Fix | Delete

register_rest_route(

[84] Fix | Delete

self::ROUTE_NAMESPACE,

[85] Fix | Delete

'/forms/',

[86] Fix | Delete

[

[87] Fix | Delete

'methods' => 'GET',

[88] Fix | Delete

'callback' => [ $this, 'get_forms' ],

[89] Fix | Delete

'permission_callback' => [ $this, 'permissions_check' ],

[90] Fix | Delete

]

[91] Fix | Delete

);

[92] Fix | Delete

[93] Fix | Delete

register_rest_route(

[94] Fix | Delete

self::ROUTE_NAMESPACE,

[95] Fix | Delete

'/themes/',

[96] Fix | Delete

[

[97] Fix | Delete

'methods' => 'GET',

[98] Fix | Delete

'callback' => [ $this, 'get_themes' ],

[99] Fix | Delete

'permission_callback' => [ $this, 'permissions_check' ],

[100] Fix | Delete

]

[101] Fix | Delete

);

[102] Fix | Delete

[103] Fix | Delete

register_rest_route(

[104] Fix | Delete

self::ROUTE_NAMESPACE,

[105] Fix | Delete

'/themes/custom/',

[106] Fix | Delete

[

[107] Fix | Delete

'methods' => 'POST',

[108] Fix | Delete

'callback' => [ $this, 'save_themes' ],

[109] Fix | Delete

'permission_callback' => [ $this, 'admin_permissions_check' ],

[110] Fix | Delete

]

[111] Fix | Delete

);

[112] Fix | Delete

}

[113] Fix | Delete

[114] Fix | Delete

/**

[115] Fix | Delete

* Check if a user has permission to access private data.

[116] Fix | Delete

[117] Fix | Delete

* @since 1.8.8

[118] Fix | Delete

[119] Fix | Delete

* @see https://developer.wordpress.org/rest-api/extending-the-rest-api/routes-and-endpoints/#permissions-callback

[120] Fix | Delete

[121] Fix | Delete

* @return true|WP_Error True if a user has permission.

[122] Fix | Delete

[123] Fix | Delete

public function permissions_check() {

[124] Fix | Delete

[125] Fix | Delete

// Restrict endpoint to only users who have the edit_posts capability.

[126] Fix | Delete

if ( ! current_user_can( 'edit_posts' ) ) {

[127] Fix | Delete

return new WP_Error( 'rest_forbidden', esc_html__( 'This route is private.', 'wpforms-lite' ), [ 'status' => 401 ] );

[128] Fix | Delete

}

[129] Fix | Delete

[130] Fix | Delete

return true;

[131] Fix | Delete

}

[132] Fix | Delete

[133] Fix | Delete

/**

[134] Fix | Delete

* Check if a user has admin permissions.

[135] Fix | Delete

[136] Fix | Delete

* @since 1.9.2.3

[137] Fix | Delete

[138] Fix | Delete

* @return true|WP_Error True if a user has permission.

[139] Fix | Delete

[140] Fix | Delete

public function admin_permissions_check() {

[141] Fix | Delete

[142] Fix | Delete

// Restrict endpoint to only users who have the manage_options capability.

[143] Fix | Delete

if ( ! current_user_can( 'manage_options' ) ) {

[144] Fix | Delete

return new WP_Error( 'rest_forbidden', esc_html__( 'This route is accessible only to administrators.', 'wpforms-lite' ), [ 'status' => 401 ] );

[145] Fix | Delete

}

[146] Fix | Delete

[147] Fix | Delete

return true;

[148] Fix | Delete

}

[149] Fix | Delete

[150] Fix | Delete

/**

[151] Fix | Delete

* Return form list protected WP_REST_Response object.

[152] Fix | Delete

[153] Fix | Delete

* @since 1.8.8

[154] Fix | Delete

[155] Fix | Delete

* @return WP_Error|WP_REST_Response

[156] Fix | Delete

[157] Fix | Delete

public function get_forms() {

[158] Fix | Delete

[159] Fix | Delete

return rest_ensure_response( $this->form_selector_obj->get_form_list() );

[160] Fix | Delete

}

[161] Fix | Delete

[162] Fix | Delete

/**

[163] Fix | Delete

* Return themes as protected WP_REST_Response object.

[164] Fix | Delete

[165] Fix | Delete

* @since 1.8.8

[166] Fix | Delete

[167] Fix | Delete

* @return WP_Error|WP_REST_Response

[168] Fix | Delete

[169] Fix | Delete

public function get_themes() {

[170] Fix | Delete

[171] Fix | Delete

$custom_themes = $this->themes_data_obj->get_custom_themes();

[172] Fix | Delete

$wpforms_themes = $this->themes_data_obj->get_wpforms_themes();

[173] Fix | Delete

[174] Fix | Delete

return rest_ensure_response(

[175] Fix | Delete

[

[176] Fix | Delete

'custom' => ! empty( $custom_themes ) ? $custom_themes : null,

[177] Fix | Delete

'wpforms' => ! empty( $wpforms_themes ) ? $wpforms_themes : null,

[178] Fix | Delete

]

[179] Fix | Delete

);

[180] Fix | Delete

}

[181] Fix | Delete

[182] Fix | Delete

/**

[183] Fix | Delete

* Save custom themes.

[184] Fix | Delete

[185] Fix | Delete

* @since 1.8.8

[186] Fix | Delete

[187] Fix | Delete

* @param WP_REST_Request $request Request object.

[188] Fix | Delete

[189] Fix | Delete

* @return WP_Error|WP_REST_Response

[190] Fix | Delete

[191] Fix | Delete

public function save_themes( WP_REST_Request $request ) {

[192] Fix | Delete

[193] Fix | Delete

// Determine custom themes file path.

[194] Fix | Delete

$themes_file = $this->themes_data_obj->get_custom_themes_file_path();

[195] Fix | Delete

[196] Fix | Delete

// In the case of error.

[197] Fix | Delete

if ( ! $themes_file ) {

[198] Fix | Delete

return rest_ensure_response(

[199] Fix | Delete

[

[200] Fix | Delete

'result' => false,

[201] Fix | Delete

'error' => esc_html__( 'Can\'t create themes storage file.', 'wpforms-lite' ),

[202] Fix | Delete

]

[203] Fix | Delete

);

[204] Fix | Delete

}

[205] Fix | Delete

[206] Fix | Delete

$custom_themes = (array) ( $request->get_param( 'customThemes' ) ?? [] );

[207] Fix | Delete

[208] Fix | Delete

// Save custom themes data and return REST response.

[209] Fix | Delete

$result = $this->themes_data_obj->update_custom_themes_file( $custom_themes );

[210] Fix | Delete

[211] Fix | Delete

if ( ! $result ) {

[212] Fix | Delete

return rest_ensure_response(

[213] Fix | Delete

[

[214] Fix | Delete

'result' => false,

[215] Fix | Delete

'error' => esc_html__( 'Can\'t save theme data.', 'wpforms-lite' ),

[216] Fix | Delete

]

[217] Fix | Delete

);

[218] Fix | Delete

}

[219] Fix | Delete

[220] Fix | Delete

return rest_ensure_response( [ 'result' => true ] );

[221] Fix | Delete

}

[222] Fix | Delete

}

[223] Fix | Delete

[224] Fix | Delete