Edit File by line

<?php

[0] Fix | Delete

/**

[1] Fix | Delete

* REST API Settings Controller

[2] Fix | Delete

[3] Fix | Delete

* Handles requests to save Settings.

[4] Fix | Delete

[5] Fix | Delete

[6] Fix | Delete

declare( strict_types = 1);

[7] Fix | Delete

[8] Fix | Delete

namespace Automattic\WooCommerce\Admin\API;

[9] Fix | Delete

[10] Fix | Delete

use WC_Admin_Settings;

[11] Fix | Delete

use Automattic\WooCommerce\Admin\Features\Settings\Init;

[12] Fix | Delete

[13] Fix | Delete

defined( 'ABSPATH' ) || exit;

[14] Fix | Delete

[15] Fix | Delete

/**

[16] Fix | Delete

* Settings Controller.

[17] Fix | Delete

[18] Fix | Delete

* @extends WC_REST_Data_Controller

[19] Fix | Delete

[20] Fix | Delete

class Settings extends \WC_REST_Data_Controller {

[21] Fix | Delete

/**

[22] Fix | Delete

* Endpoint namespace.

[23] Fix | Delete

[24] Fix | Delete

* @var string

[25] Fix | Delete

[26] Fix | Delete

protected $namespace = 'wc-admin';

[27] Fix | Delete

[28] Fix | Delete

/**

[29] Fix | Delete

* Route base.

[30] Fix | Delete

[31] Fix | Delete

* @var string

[32] Fix | Delete

[33] Fix | Delete

protected $rest_base = 'legacy-settings';

[34] Fix | Delete

[35] Fix | Delete

/**

[36] Fix | Delete

* Register routes.

[37] Fix | Delete

[38] Fix | Delete

public function register_routes() {

[39] Fix | Delete

register_rest_route(

[40] Fix | Delete

$this->namespace,

[41] Fix | Delete

'/' . $this->rest_base,

[42] Fix | Delete

array(

[43] Fix | Delete

array(

[44] Fix | Delete

'methods' => \WP_REST_Server::EDITABLE,

[45] Fix | Delete

'callback' => array( $this, 'save_settings' ),

[46] Fix | Delete

'permission_callback' => array( $this, 'save_items_permissions_check' ),

[47] Fix | Delete

'args' => array(

[48] Fix | Delete

'schema' => array( $this, 'save_items_schema' ),

[49] Fix | Delete

[50] Fix | Delete

[51] Fix | Delete

)

[52] Fix | Delete

);

[53] Fix | Delete

}

[54] Fix | Delete

[55] Fix | Delete

/**

[56] Fix | Delete

* Check if a given request has access to update settings.

[57] Fix | Delete

[58] Fix | Delete

* @param WP_REST_Request $request Full details about the request.

[59] Fix | Delete

* @return WP_Error|boolean

[60] Fix | Delete

[61] Fix | Delete

public function save_items_permissions_check( $request ) {

[62] Fix | Delete

return current_user_can( 'manage_woocommerce' );

[63] Fix | Delete

}

[64] Fix | Delete

[65] Fix | Delete

/**

[66] Fix | Delete

* Save settings.

[67] Fix | Delete

[68] Fix | Delete

* @param WP_REST_Request $request Full details about the request.

[69] Fix | Delete

* @return WP_Error|WP_REST_Response

[70] Fix | Delete

[71] Fix | Delete

public function save_settings( $request ) {

[72] Fix | Delete

global $current_section, $current_tab;

[73] Fix | Delete

[74] Fix | Delete

// Verify nonce.

[75] Fix | Delete

if ( ! check_ajax_referer( 'wp_rest', false, false ) ) {

[76] Fix | Delete

return new \WP_Error(

[77] Fix | Delete

'woocommerce_settings_invalid_nonce',

[78] Fix | Delete

__( 'Invalid nonce.', 'woocommerce' ),

[79] Fix | Delete

array( 'status' => 403 )

[80] Fix | Delete

);

[81] Fix | Delete

}

[82] Fix | Delete

[83] Fix | Delete

$params = $request->get_params();

[84] Fix | Delete

[85] Fix | Delete

try {

[86] Fix | Delete

// Get current tab/section and set global variables.

[87] Fix | Delete

$current_tab = empty( $params['tab'] ) ? 'general' : sanitize_title( wp_unslash( $params['tab'] ) ); // WPCS: input var okay, CSRF ok.

[88] Fix | Delete

$current_section = empty( $params['section'] ) ? '' : sanitize_title( wp_unslash( $params['section'] ) ); // WPCS: input var okay, CSRF ok.

[89] Fix | Delete

[90] Fix | Delete

$filter_name = '' === $current_section ?

[91] Fix | Delete

"woocommerce_save_settings_{$current_tab}" :

[92] Fix | Delete

"woocommerce_save_settings_{$current_tab}_{$current_section}";

[93] Fix | Delete

[94] Fix | Delete

/**

[95] Fix | Delete

* Filters whether to save settings.

[96] Fix | Delete

[97] Fix | Delete

* @since 3.7.0

[98] Fix | Delete

[99] Fix | Delete

* @param bool $save Whether to save settings.

[100] Fix | Delete

[101] Fix | Delete

if ( apply_filters( $filter_name, ! empty( $_POST['save'] ) ) ) { // WPCS: input var okay, CSRF ok.

[102] Fix | Delete

WC_Admin_Settings::save();

[103] Fix | Delete

}

[104] Fix | Delete

[105] Fix | Delete

$setting_pages = \WC_Admin_Settings::get_settings_pages();

[106] Fix | Delete

[107] Fix | Delete

// Reinitialize all setting pages in case behavior is dependent on saved values.

[108] Fix | Delete

foreach ( $setting_pages as $key => $setting_page ) {

[109] Fix | Delete

$class_name = get_class( $setting_page );

[110] Fix | Delete

$setting_pages[ $key ] = new $class_name();

[111] Fix | Delete

}

[112] Fix | Delete

[113] Fix | Delete

$data = Init::get_page_data( array(), $setting_pages );

[114] Fix | Delete

[115] Fix | Delete

return new \WP_REST_Response(

[116] Fix | Delete

array(

[117] Fix | Delete

'status' => 'success',

[118] Fix | Delete

'data' => $data,

[119] Fix | Delete

)

[120] Fix | Delete

);

[121] Fix | Delete

} catch ( \Exception $e ) {

[122] Fix | Delete

return new \WP_Error(

[123] Fix | Delete

'woocommerce_settings_save_error',

[124] Fix | Delete

// translators: %s: error message.

[125] Fix | Delete

sprintf( __( 'Failed to save settings: %s', 'woocommerce' ), $e->getMessage() ),

[126] Fix | Delete

array( 'status' => 500 )

[127] Fix | Delete

);

[128] Fix | Delete

}

[129] Fix | Delete

}

[130] Fix | Delete

[131] Fix | Delete

/**

[132] Fix | Delete

* Get the schema, conforming to JSON Schema.

[133] Fix | Delete

[134] Fix | Delete

* @return array

[135] Fix | Delete

[136] Fix | Delete

public function save_items_schema() {

[137] Fix | Delete

$schema = array(

[138] Fix | Delete

'$schema' => 'http://json-schema.org/draft-04/schema#',

[139] Fix | Delete

'title' => 'options',

[140] Fix | Delete

'type' => 'object',

[141] Fix | Delete

'properties' => array(

[142] Fix | Delete

'options' => array(

[143] Fix | Delete

'type' => 'array',

[144] Fix | Delete

'description' => __( 'Array of options with associated values.', 'woocommerce' ),

[145] Fix | Delete

'context' => array( 'view' ),

[146] Fix | Delete

'readonly' => true,

[147] Fix | Delete

[148] Fix | Delete

'tab' => array(

[149] Fix | Delete

'type' => 'string',

[150] Fix | Delete

'description' => __( 'Settings tab.', 'woocommerce' ),

[151] Fix | Delete

'context' => array( 'view', 'edit' ),

[152] Fix | Delete

'default' => 'general',

[153] Fix | Delete

[154] Fix | Delete

'section' => array(

[155] Fix | Delete

'type' => 'string',

[156] Fix | Delete

'description' => __( 'Settings section.', 'woocommerce' ),

[157] Fix | Delete

'context' => array( 'view', 'edit' ),

[158] Fix | Delete

'default' => '',

[159] Fix | Delete

[160] Fix | Delete

[161] Fix | Delete

);

[162] Fix | Delete

[163] Fix | Delete

return $schema;

[164] Fix | Delete

}

[165] Fix | Delete

}

[166] Fix | Delete

[167] Fix | Delete