189 lines
5.3 KiB
PHP
189 lines
5.3 KiB
PHP
<?php
|
|
if ( ! defined( 'ABSPATH' ) ) {
|
|
exit;
|
|
}
|
|
|
|
/**
|
|
* Base class for settings endpoints so common code can be shared. Handles permissions
|
|
* and helper functions used by both settings and groups endpoints.
|
|
*
|
|
* @author WooThemes
|
|
* @category API
|
|
* @package WooCommerce/Abstracts
|
|
* @extends WP_REST_Controller
|
|
* @version 2.7.0
|
|
*/
|
|
class WC_REST_Settings_API_Controller extends WC_REST_Controller {
|
|
|
|
/**
|
|
* Route base.
|
|
*
|
|
* @var string
|
|
*/
|
|
protected $rest_base = 'settings';
|
|
|
|
/**
|
|
* Makes sure the current user has access to the settings APIs.
|
|
*
|
|
* @since 2.7.0
|
|
* @param WP_REST_Request $request Full details about the request.
|
|
* @return WP_Error|boolean
|
|
*/
|
|
public function permissions_check( $request ) {
|
|
if ( ! current_user_can( 'manage_options' ) ) {
|
|
return new WP_Error(
|
|
'woocommerce_rest_cannot_view',
|
|
__( 'Sorry, you cannot access settings.', 'woocommerce' ),
|
|
array( 'status' => rest_authorization_required_code() )
|
|
);
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Cleans a value before setting it.
|
|
*
|
|
* @since 2.7.0
|
|
*
|
|
* @param array $setting WC Setting Array
|
|
* @param mixed $raw_value Raw value from PUT request
|
|
* @return mixed Sanitized value
|
|
*/
|
|
public function sanitize_setting_value( $setting, $raw_value ) {
|
|
switch ( $setting['type'] ) {
|
|
case 'checkbox' :
|
|
$default = ( ! empty( $setting['default'] ) ? $setting['default'] : 'no' );
|
|
$value = ( in_array( $raw_value, array( 'yes', 'no' ) ) ? $raw_value : $default );
|
|
break;
|
|
case 'email' :
|
|
$value = sanitize_email( $raw_value );
|
|
$default = ( ! empty( $setting['default'] ) ? $setting['default'] : '' );
|
|
$value = ( ! empty( $value ) ? $value : $default );
|
|
break;
|
|
case 'textarea' :
|
|
$value = wp_kses( trim( $raw_value ),
|
|
array_merge(
|
|
array(
|
|
'iframe' => array( 'src' => true, 'style' => true, 'id' => true, 'class' => true )
|
|
),
|
|
wp_kses_allowed_html( 'post' )
|
|
)
|
|
);
|
|
break;
|
|
case 'multiselect' :
|
|
case 'multi_select_countries' :
|
|
$value = array_filter( array_map( 'wc_clean', (array) $raw_value ) );
|
|
break;
|
|
case 'image_width' :
|
|
$value = array();
|
|
if ( isset( $raw_value['width'] ) ) {
|
|
$value['width'] = wc_clean( $raw_value['width'] );
|
|
$value['height'] = wc_clean( $raw_value['height'] );
|
|
$value['crop'] = isset( $raw_value['crop'] ) ? 1 : 0;
|
|
} else {
|
|
$value['width'] = $setting['default']['width'];
|
|
$value['height'] = $setting['default']['height'];
|
|
$value['crop'] = $setting['default']['crop'];
|
|
}
|
|
break;
|
|
case 'select':
|
|
$options = array_keys( $setting['options'] );
|
|
$default = ( empty( $setting['default'] ) ? $options[0] : $setting['default'] );
|
|
$value = in_array( $raw_value, $options ) ? $raw_value : $default;
|
|
break;
|
|
default :
|
|
$value = wc_clean( $raw_value );
|
|
break;
|
|
}
|
|
|
|
// A couple fields changed in the REST API -- we can just pass these too so old filters still work
|
|
$setting['desc'] = ( ! empty( $setting['description'] ) ? $setting['description'] : '' );
|
|
$setting['title'] = ( ! empty( $setting['label'] ) ? $setting['label'] : '' );
|
|
|
|
$value = apply_filters( 'woocommerce_admin_settings_sanitize_option', $value, $setting, $raw_value );
|
|
$value = apply_filters( "woocommerce_admin_settings_sanitize_option_" . $setting['id'], $value, $setting, $raw_value );
|
|
do_action( 'woocommerce_update_option', $setting );
|
|
|
|
return $value;
|
|
}
|
|
|
|
/**
|
|
* Get a value from WP's settings API.
|
|
*
|
|
* @since 2.7.0
|
|
* @param string $setting
|
|
* @param string $default
|
|
* @return mixed
|
|
*/
|
|
public function get_value( $setting, $default = '' ) {
|
|
if ( strstr( $setting, '[' ) ) { // Array value.
|
|
parse_str( $setting, $setting_array );
|
|
$setting = current( array_keys( $setting ) );
|
|
$values = get_option( $setting, '' );
|
|
$key = key( $setting_array[ $setting ] );
|
|
$value = isset( $values[ $key ] ) ? $values[ $key ] : null;
|
|
} else { // Single value.
|
|
$value = get_option( $setting, null );
|
|
}
|
|
|
|
if ( is_array( $value ) ) {
|
|
$value = array_map( 'stripslashes', $value );
|
|
} elseif ( ! is_null( $value ) ) {
|
|
$value = stripslashes( $value );
|
|
}
|
|
|
|
return $value === null ? $default : $value;
|
|
}
|
|
|
|
/**
|
|
* Filters out bad values from the settings array/filter so we
|
|
* only return known values via the API.
|
|
*
|
|
* @since 2.7.0
|
|
* @param array $setting
|
|
* @return array
|
|
*/
|
|
public function filter_setting( $setting ) {
|
|
$setting = array_intersect_key(
|
|
$setting,
|
|
array_flip( array_filter( array_keys( $setting ), array( $this, 'allowed_setting_keys' ) ) )
|
|
);
|
|
|
|
if ( empty( $setting['options'] ) ) {
|
|
unset( $setting['options'] );
|
|
}
|
|
|
|
return $setting;
|
|
}
|
|
|
|
/**
|
|
* Callback for allowed keys for each setting response.
|
|
*
|
|
* @since 2.7.0
|
|
* @param string $key Key to check
|
|
* @return boolean
|
|
*/
|
|
public function allowed_setting_keys( $key ) {
|
|
return in_array( $key, array(
|
|
'id', 'label', 'description', 'default', 'tip',
|
|
'placeholder', 'type', 'options', 'value',
|
|
) );
|
|
}
|
|
|
|
/**
|
|
* Boolean for if a setting type is a valid supported setting type.
|
|
*
|
|
* @since 2.7.0
|
|
* @param string $type
|
|
* @return boolean
|
|
*/
|
|
public function is_setting_type_valid( $type ) {
|
|
return in_array( $type, array(
|
|
'text', 'email', 'number', 'color', 'password',
|
|
'textarea', 'select', 'multiselect', 'radio', 'checkbox',
|
|
'multi_select_countries', 'image_width',
|
|
) );
|
|
}
|
|
}
|