Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
86.79% covered (warning)
86.79%
46 / 53
60.00% covered (warning)
60.00%
6 / 10
CRAP
0.00% covered (danger)
0.00%
0 / 1
REST_Controller
86.79% covered (warning)
86.79%
46 / 53
60.00% covered (warning)
60.00%
6 / 10
17.67
0.00% covered (danger)
0.00%
0 / 1
 __construct
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
1
 register
0.00% covered (danger)
0.00%
0 / 1
0.00% covered (danger)
0.00%
0 / 1
2
 register_rest_routes
100.00% covered (success)
100.00%
29 / 29
100.00% covered (success)
100.00%
1 / 1
2
 can_user_view_blaze_settings
100.00% covered (success)
100.00%
4 / 4
100.00% covered (success)
100.00%
1 / 1
3
 blaze_eligibility
0.00% covered (danger)
0.00%
0 / 4
0.00% covered (danger)
0.00%
0 / 1
6
 is_dashboard_enabled
0.00% covered (danger)
0.00%
0 / 1
0.00% covered (danger)
0.00%
0 / 1
2
 get_active_campaigns
100.00% covered (success)
100.00%
4 / 4
100.00% covered (success)
100.00%
1 / 1
2
 is_user_connected
66.67% covered (warning)
66.67%
2 / 3
0.00% covered (danger)
0.00%
0 / 1
3.33
 get_forbidden_error
100.00% covered (success)
100.00%
5 / 5
100.00% covered (success)
100.00%
1 / 1
1
 get_site_id
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
1
1<?php
2/**
3 * The Blaze Rest Controller class.
4 * Registers the REST routes for Blaze Dashboard.
5 *
6 * @package automattic/jetpack-blaze
7 */
8
9namespace Automattic\Jetpack\Blaze;
10
11use Automattic\Jetpack\Blaze;
12use Automattic\Jetpack\Connection\Manager as Connection_Manager;
13use Automattic\Jetpack\Status\Host;
14use WP_Error;
15use WP_REST_Server;
16
17/**
18 * Registers general REST routes for Blaze.
19 */
class REST_Controller {
    /**
     * REST namespace under which every Blaze route is registered.
     *
     * @var string
     */
    public static $namespace = 'jetpack/v4/blaze';

    /**
     * Connection manager consulted by the permission callback.
     *
     * @var \Automattic\Jetpack\Connection\Manager
     */
    private $connection;

    /**
     * Builds the controller.
     *
     * @param \Automattic\Jetpack\Connection\Manager|null $connection Connection manager to use.
     *                                                                A new one is created when null is passed.
     */
    public function __construct( $connection = null ) {
        if ( null === $connection ) {
            $connection = new Connection_Manager();
        }

        $this->connection = $connection;
    }

    /**
     * Callback for the `rest_api_init` hook: builds a controller and registers its routes.
     *
     * The controller is created here, not ahead of time, so it is only built on
     * requests that reach `rest_api_init`. The method is static so the hook
     * callback can be unregistered.
     *
     * @access public
     */
    public static function register() {
        $controller = new self();
        $controller->register_rest_routes();
    }

    /**
     * Registers the Blaze REST routes.
     *
     * `eligibility` and `dashboard` are registered only when a site ID is
     * available; `active-campaigns` is always registered. All routes are
     * read-only and share one permission callback,
     * can_user_view_blaze_settings(), which is the only authorization gate
     * in front of the handlers below.
     *
     * @access public
     */
    public function register_rest_routes() {
        $site_id = $this->get_site_id();

        // Route => handler method, kept in registration order.
        $endpoints = array();

        if ( ! is_wp_error( $site_id ) ) {
            $endpoints['eligibility'] = 'blaze_eligibility';
            $endpoints['dashboard']   = 'is_dashboard_enabled';
        }

        $endpoints['active-campaigns'] = 'get_active_campaigns';

        foreach ( $endpoints as $route => $handler ) {
            register_rest_route(
                static::$namespace,
                $route,
                array(
                    'methods'             => WP_REST_Server::READABLE,
                    'callback'            => array( $this, $handler ),
                    'permission_callback' => array( $this, 'can_user_view_blaze_settings' ),
                )
            );
        }
    }

    /**
     * Permission callback shared by every Blaze route.
     *
     * Access requires both a connected user and the `manage_options`
     * capability (an administrator capability by default). On WordPress.com
     * Simple the connection check always passes, so the capability check is
     * the only effective gate there.
     *
     * @return true|WP_Error True when both checks pass, a `rest_forbidden` WP_Error otherwise.
     */
    public function can_user_view_blaze_settings() {
        // Short-circuits: the capability is not checked for a user who is not connected.
        if ( ! $this->is_user_connected() || ! current_user_can( 'manage_options' ) ) {
            return $this->get_forbidden_error();
        }

        return true;
    }

    /**
     * Reports whether the site is eligible for Blaze.
     *
     * @return bool False when no site ID is available, otherwise the result of
     *              Blaze::site_supports_blaze() cast to bool.
     */
    public function blaze_eligibility() {
        $site_id = $this->get_site_id();

        return is_wp_error( $site_id )
            ? false
            : (bool) Blaze::site_supports_blaze( $site_id );
    }

    /**
     * Reports whether the Blaze dashboard is enabled.
     *
     * @return bool
     */
    public function is_dashboard_enabled() {
        $enabled = Blaze::is_dashboard_enabled();

        return (bool) $enabled;
    }

    /**
     * Returns the active Blaze campaign status for the site.
     *
     * When no site ID is available the lookup is made with 0 instead.
     *
     * @return array
     */
    public function get_active_campaigns() {
        $site_id = $this->get_site_id();
        $blog_id = is_wp_error( $site_id ) ? 0 : $site_id;

        return Blaze::get_active_campaigns_status( $blog_id );
    }

    /**
     * Checks whether the current user counts as connected.
     *
     * WordPress.com Simple sites are always treated as connected; elsewhere
     * both the site connection and the user connection must be in place.
     *
     * @return bool
     */
    private function is_user_connected() {
        $host = new Host();

        return $host->is_wpcom_simple()
            || ( $this->connection->is_connected() && $this->connection->is_user_connected() );
    }

    /**
     * Builds the error returned when the permission check fails.
     *
     * The HTTP status comes from rest_authorization_required_code(), i.e. 401
     * for a logged-out request and 403 for a logged-in one.
     *
     * @return WP_Error Error with code `rest_forbidden`.
     */
    protected function get_forbidden_error() {
        $message = esc_html__( 'You are not allowed to perform this action.', 'jetpack-blaze' );
        $details = array( 'status' => rest_authorization_required_code() );

        return new WP_Error( 'rest_forbidden', $message, $details );
    }

    /**
     * Fetches the site ID from the connection manager.
     *
     * @return int|WP_Error
     */
    private function get_site_id() {
        $site_id = Connection_Manager::get_site_id();

        return $site_id;
    }
}