Code Coverage for projects/plugins/jetpack/json-endpoints/class.wpcom-json-api-render-embed-endpoint.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	0.00% covered (danger)	0.00%	0 / 52	0.00% covered (danger)	0.00%	0 / 1	CRAP	0.00% covered (danger)	0.00%	0 / 1
WPCOM_JSON_API_Render_Embed_Endpoint	0.00% covered (danger)	0.00%	0 / 25	0.00% covered (danger)	0.00%	0 / 1	90	0.00% covered (danger)	0.00%	0 / 1
callback	0.00% covered (danger)	0.00%	0 / 25	0.00% covered (danger)	0.00%	0 / 1	90

1	<?php // phpcs:ignore WordPress.Files.FileName.InvalidClassFileName
2
3	if ( ! defined( 'ABSPATH' ) ) {
4	exit( 0 );
5	}
6
7	new WPCOM_JSON_API_Render_Embed_Endpoint(
8	array(
9	'description' => 'Get a rendered embed for a site. Note: The current user must have publishing access.',
10	'group' => 'sites',
11	'stat' => 'embeds:render',
12	'method' => 'GET',
13	'path' => '/sites/%s/embeds/render',
14	'path_labels' => array(
15	'$site' => '(int\|string) Site ID or domain',
16	),
17	'query_parameters' => array(
18	'embed_url' => '(string) The query-string encoded embed URL to render. Required. Only accepts one at a time.',
19	),
20	'response_format' => array(
21	'embed_url' => '(string) The embed_url that was passed in for rendering.',
22	'result' => '(html) The rendered HTML result of the embed.',
23	),
24	'example_request' => 'https://public-api.wordpress.com/rest/v1/sites/apiexamples.wordpress.com/embeds/render?embed_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DSQEQr7c0-dw',
25	'example_request_data' => array(
26	'headers' => array(
27	'authorization' => 'Bearer YOUR_API_TOKEN',
28	),
29	),
30	)
31	);
32
33	/**
34	* Render embed endpoint class.
35	*
36	* /sites/%s/embeds/render -> $blog_id
37	*
38	* @phan-constructor-used-for-side-effects
39	*/
40	class WPCOM_JSON_API_Render_Embed_Endpoint extends WPCOM_JSON_API_Render_Endpoint {
41	/**
42	* API Callback.
43	*
44	* @param string $path - the path.
45	* @param int $blog_id - the blog ID.
46	*
47	* @return array\|WP_Error
48	*/
49	public function callback( $path = '', $blog_id = 0 ) {
50	$blog_id = $this->api->switch_to_blog_and_validate_user( $this->api->get_blog_id( $blog_id ) );
51	if ( is_wp_error( $blog_id ) ) {
52	return $blog_id;
53	}
54
55	if ( ! current_user_can( 'edit_posts' ) ) {
56	return new WP_Error( 'unauthorized', __( 'Your token must have permission to post on this blog.', 'jetpack' ), 403 );
57	}
58
59	$args = $this->query_args();
60	$embed_url = trim( $args['embed_url'] );
61
62	// quick validation
63	if ( ! preg_match_all( '\|^\s(https?://[^\s"]+)\s$\|im', $embed_url, $matches ) ) {
64	return new WP_Error( 'invalid_embed_url', __( 'The embed_url parameter must be a valid URL.', 'jetpack' ), 400 );
65	}
66
67	if ( is_countable( $matches[1] ) && count( $matches[1] ) > 1 ) {
68	return new WP_Error( 'invalid_embed', __( 'Only one embed can be rendered at a time.', 'jetpack' ), 400 );
69	}
70
71	$embed_url = array_shift( $matches[1] );
72	$parts = wp_parse_url( $embed_url );
73	if ( ! $parts ) {
74	return new WP_Error( 'invalid_embed_url', __( 'The embed_url parameter must be a valid URL.', 'jetpack' ), 400 );
75	}
76
77	global $wp_embed;
78	$render = $this->process_render( array( $this, 'do_embed' ), $embed_url );
79
80	// if nothing happened, then the shortcode does not exist.
81	$is_an_embed = ( $embed_url !== $render['result'] && $wp_embed->maybe_make_link( $embed_url ) !== $render['result'] );
82	if ( ! $is_an_embed ) {
83	return new WP_Error( 'invalid_embed', __( 'The requested URL is not an embed.', 'jetpack' ), 400 );
84	}
85
86	// our output for this endpoint..
87	$return = array();
88	$return['embed_url'] = $embed_url;
89	$return['result'] = $render['result'];
90
91	$return = $this->add_assets( $return, $render['loaded_scripts'], $render['loaded_styles'] );
92
93	return $return;
94	}
95	}