< ? php
/**
 * Abstract class to define/implement base methods for all controller classes.
 *
 * @package    Opal_Job
 * @subpackage Opal_Job/controllers
 */
abstract class Opalestate_Base_API {
/**
* The unique identifier of this plugin .
*
* @ access protected
* @ var string $plugin_base_name The string used to uniquely identify this plugin .
*/
public $base ;
/**
* Post type .
*
* @ var string
*/
protected $post_type = '' ;
/**
* The unique identifier of this plugin .
*
* @ access protected
* @ var string $plugin_base_name The string used to uniquely identify this plugin .
*/
public $namespace = 'estate-api/v1' ;
/**
 * Hook route registration into the REST API start-up.
 *
 * The `rest_api_init` action invokes register_routes() on this instance.
 */
public function __construct() {
    $route_registrar = [ $this, 'register_routes' ];

    add_action( 'rest_api_init', $route_registrar );
}
/**
 * Register this controller's REST routes.
 *
 * The base implementation registers nothing. It is the callback the
 * constructor attaches to `rest_api_init`.
 *
 * NOTE(review): presumably each subclass overrides this. Confirm that every
 * route an override registers is given a `permission_callback`, such as
 * one of the *_permissions_check methods on this class.
 */
public function register_routes() {
    // Intentionally empty in the base class.
}
/**
 * Build a REST response whose payload is a status entry merged with $output.
 *
 * $output is merged after the status entry, so a 'status' key inside $output
 * replaces $code in the payload. Only the response body carries $code: no
 * HTTP status argument is passed to WP_REST_Response.
 *
 * @param mixed $code   Value stored under the 'status' key.
 * @param array $output Additional payload entries.
 * @return WP_REST_Response
 */
public function get_response( $code, $output ) {
    $payload = array_merge( [ 'status' => $code ], $output );

    return new WP_REST_Response( $payload );
}
/**
 * Stamp $code onto $this->data and wrap the result in a REST response.
 *
 * NOTE(review): `$data` is not among the properties declared at the top of
 * this class; confirm where it is declared and populated.
 *
 * @param mixed $code Value stored under $this->data['status'].
 * @return WP_REST_Response
 */
public function output( $code ) {
    $this->data['status'] = $code;

    $response = new WP_REST_Response( $this->data );

    return $response;
}
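/**
 * Validate the API request against the caller's public key and token.
 *
 * The request must carry `key` (the public API key) and `token`. The token
 * is accepted when it equals md5( secret . key ) for the user that owns the
 * key, compared with hash_equals().
 *
 * NOTE(review): the token is derived only from the secret and the key, so it
 * is the same on every request and behaves like a static bearer credential
 * built on unsalted MD5. Replacing the scheme would break existing clients,
 * so it is flagged here rather than changed.
 *
 * @param \WP_REST_Request $request
 * @return bool|\WP_Error True when the token matches, WP_Error otherwise.
 */
public function validate_request( WP_REST_Request $request ) {
    // Every check below must be reachable: an unconditional `return true`
    // ahead of them would accept any request, authenticated or not.
    $raw_token = $request['token'];
    $raw_key   = $request['key'];

    // Make sure we have both token and API key, and that both are plain
    // strings (array-valued parameters cannot be decoded or compared).
    if ( empty( $raw_token ) || empty( $raw_key ) || ! is_string( $raw_token ) || ! is_string( $raw_key ) ) {
        return $this->missing_auth();
    }

    $api_admin = Opalestate_API_Admin::get_instance();

    // Retrieve the user by public API key and ensure they exist.
    $user = $api_admin->get_user( $raw_key );
    if ( ! $user ) {
        return $this->invalid_key();
    }

    $secret = $api_admin->get_user_secret_key( $user );

    // An empty secret would reduce the expected token to md5( key ), which
    // the caller can compute on their own, so refuse it outright.
    if ( ! is_string( $secret ) || '' === $secret ) {
        return $this->invalid_auth();
    }

    $public   = urldecode( $raw_key );
    $expected = md5( $secret . $public );

    if ( hash_equals( $expected, urldecode( $raw_token ) ) ) {
        return true;
    }

    // Return the error object so the caller sees why the request failed.
    return $this->invalid_auth();
}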
/**
 * Get the current page number from the global query.
 *
 * The stored value is returned as-is; no cast or range check happens here.
 *
 * @access public
 * @global $wp_query
 * @return mixed $wp_query->query_vars['page'] when set, otherwise 1.
 */
public function get_paged() {
    global $wp_query;

    if ( isset( $wp_query->query_vars['page'] ) ) {
        return $wp_query->query_vars['page'];
    }

    return 1;
}
/**
 * Number of results to display per page.
 *
 * Reads $wp_query->query_vars['number'] (default 10) and passes it through
 * the `opalestate_api_results_per_page` filter. The value is neither cast
 * nor capped in this method.
 *
 * @access public
 * @global $wp_query
 * @return mixed Filtered per-page value.
 */
public function per_page() {
    global $wp_query;

    $per_page = 10;
    if ( isset( $wp_query->query_vars['number'] ) ) {
        $per_page = $wp_query->query_vars['number'];
    }

    return apply_filters( 'opalestate_api_results_per_page', $per_page );
}
/**
 * Get the object for an ID.
 *
 * The base implementation never looks anything up: it always returns a
 * WP_Error with status 405 naming this method, so subclasses must override.
 *
 * @param int $id Object ID (unused here).
 * @return object|WP_Error
 */
protected function get_object( $id ) {
    // translators: %s: Class method name.
    $message = sprintf( __( " Method '%s' not implemented. Must be overridden in subclass. ", 'opalestate-pro' ), __METHOD__ );

    return new WP_Error( 'invalid-method', $message, [ 'status' => 405 ] );
}
/**
 * Build the error returned when the token or the API key is missing.
 *
 * The message is translated without a text domain argument.
 *
 * @access private
 * @return WP_Error Error with code rest_forbidden.
 */
private function missing_auth() {
    $message = esc_html__( 'You must specify both a token and API key!' );
    $data    = [ 'status' => rest_authorization_required_code() ];

    return new WP_Error( 'rest_forbidden', $message, $data );
}
/**
 * Build the error returned when the supplied credentials do not match.
 *
 * @access private
 * @return WP_Error Error with code rest_forbidden and status 403.
 */
private function invalid_auth() {
    $message = esc_html__( 'Your request could not be authenticated!', 'opaljob' );
    $data    = [ 'status' => 403 ];

    return new WP_Error( 'rest_forbidden', $message, $data );
}
/**
 * Build the error returned when the API key cannot be matched to a user.
 *
 * The message is translated without a text domain argument.
 *
 * @access private
 * @return WP_Error Error with code rest_forbidden.
 */
private function invalid_key() {
    $message = esc_html__( 'Invalid API key!' );
    $data    = [ 'status' => rest_authorization_required_code() ];

    return new WP_Error( 'rest_forbidden', $message, $data );
}
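/**
 * Check if a given request has access to read items.
 *
 * The API key pair is validated first. When the route's last path segment is
 * `properties`, `agencies` or `agents`, a valid key pair alone grants list
 * access and the post-type permission check is skipped. Every other route
 * must also pass the `read` permission check for $this->post_type.
 *
 * @param WP_REST_Request $request Full details about the request.
 * @return WP_Error|boolean
 */
public function get_items_permissions_check( $request ) {
    $is_valid = $this->is_valid_api_key( $request );
    if ( is_wp_error( $is_valid ) ) {
        return $is_valid;
    }

    $segments = explode( '/', $request->get_route() );
    $endpoint = end( $segments );

    // Strict comparison: the allow-list must match exact strings only.
    if ( in_array( $endpoint, [ 'properties', 'agencies', 'agents' ], true ) ) {
        return true;
    }

    if ( ! opalestate_rest_check_post_permissions( $this->post_type, 'read' ) ) {
        return new WP_Error( 'opalestate_rest_cannot_view', __( 'Sorry, you cannot list resources.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] );
    }

    return true;
}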
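/**
 * Check whether the request carries a valid consumer key / secret pair.
 *
 * Every failure path returns the same error, so the response does not show
 * whether the key or the secret was wrong.
 *
 * NOTE(review): the supplied secret is compared directly with
 * $user->consumer_secret, which suggests the usable secret is stored as-is;
 * confirm, and consider storing only a hash. Array access on
 * WP_REST_Request reads any request parameter, query string included, so
 * credentials sent that way can end up in access logs.
 *
 * @param WP_REST_Request $request Full details about the request.
 * @return WP_Error|boolean True for a matching pair, WP_Error otherwise.
 */
public function is_valid_api_key( $request ) {
    if ( isset( $request['consumer_key'], $request['consumer_secret'] ) ) {
        $consumer_key    = $request['consumer_key'];
        $consumer_secret = $request['consumer_secret'];

        // Only non-empty string credentials are usable; array-valued
        // parameters are rejected before they reach the lookup or compare.
        if ( is_string( $consumer_key ) && is_string( $consumer_secret ) && $consumer_secret ) {
            $user = opalestate_get_user_data_by_consumer_key( $consumer_key );

            // hash_equals() compares in constant time, so response timing
            // does not reveal how much of the secret was correct.
            if ( $user
                && isset( $user->consumer_secret )
                && is_string( $user->consumer_secret )
                && hash_equals( $user->consumer_secret, $consumer_secret )
            ) {
                return true;
            }
        }
    }

    return new WP_Error( 'opalestate_rest_cannot_access', __( 'Sorry, you cannot list resources. Invalid keys!', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] );
}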
/**
 * Check if the current request targets our REST API.
 *
 * This is a substring test over the whole REQUEST_URI, query string
 * included. A match only means the URI contains one of the markers, so the
 * result is a routing hint and not an authorization decision.
 *
 * @return bool Filtered through `opalestate_rest_is_request_to_rest_api`.
 */
protected function is_request_to_rest_api() {
    if ( empty( $_SERVER['REQUEST_URI'] ) ) {
        return false;
    }

    $rest_prefix = trailingslashit( rest_get_url_prefix() );
    $request_uri = esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) );

    // 'estate-api/' covers the Opalestate API endpoints; 'estate-api-' lets
    // third party plugins use our authentication methods.
    $api_markers    = [ 'estate-api/', 'estate-api-' ];
    $is_api_request = false;

    foreach ( $api_markers as $marker ) {
        if ( false !== strpos( $request_uri, $rest_prefix . $marker ) ) {
            $is_api_request = true;
            break;
        }
    }

    return apply_filters( 'opalestate_rest_is_request_to_rest_api', $is_api_request );
}
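/**
 * Check if a given request has access to read an item.
 *
 * A falsy object, or one whose ID is 0, falls through to `true`; only an
 * existing object is put through the `read` permission check.
 *
 * NOTE(review): unlike get_items_permissions_check(), this method does not
 * call is_valid_api_key(); confirm that is intended.
 *
 * @param WP_REST_Request $request Full details about the request.
 * @return WP_Error|boolean
 */
public function get_item_permissions_check( $request ) {
    $object = $this->get_object( (int) $request['id'] );

    // get_object() may return a WP_Error (the base implementation always
    // does). WP_Error has no get_id(), so hand the error back instead of
    // calling a method that does not exist.
    if ( is_wp_error( $object ) ) {
        return $object;
    }

    if ( $object && 0 !== $object->get_id() && ! opalestate_rest_check_post_permissions( $this->post_type, 'read', $object->get_id() ) ) {
        return new WP_Error( 'opalestate_rest_cannot_view', __( 'Sorry, you cannot view this resource.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] );
    }

    return true;
}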
/**
 * Check if a given request has access to create an item.
 *
 * The decision rests entirely on the `create` permission check for
 * $this->post_type; $request itself is not inspected.
 *
 * @param WP_REST_Request $request Full details about the request.
 * @return WP_Error|boolean
 */
public function create_item_permissions_check( $request ) {
    $may_create = opalestate_rest_check_post_permissions( $this->post_type, 'create' );

    if ( $may_create ) {
        return true;
    }

    return new WP_Error( 'opalestate_rest_cannot_create', __( 'Sorry, you are not allowed to create resources.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] );
}
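/**
 * Check if a given request has access to update an item.
 *
 * A falsy object, or one whose ID is 0, falls through to `true`; only an
 * existing object is put through the `edit` permission check.
 *
 * NOTE(review): this method does not call is_valid_api_key(); confirm that
 * is intended.
 *
 * @param WP_REST_Request $request Full details about the request.
 * @return WP_Error|boolean
 */
public function update_item_permissions_check( $request ) {
    $object = $this->get_object( (int) $request['id'] );

    // get_object() may return a WP_Error (the base implementation always
    // does). WP_Error has no get_id(), so hand the error back instead of
    // calling a method that does not exist.
    if ( is_wp_error( $object ) ) {
        return $object;
    }

    if ( $object && 0 !== $object->get_id() && ! opalestate_rest_check_post_permissions( $this->post_type, 'edit', $object->get_id() ) ) {
        return new WP_Error( 'opalestate_rest_cannot_edit', __( 'Sorry, you are not allowed to edit this resource.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] );
    }

    return true;
}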
/**
 * Get the query params for collections.
 *
 * Declares `page` (integer, default 1, minimum 1) and `per_page` (integer,
 * default 10, between 1 and 100). Both are sanitized with absint and
 * validated with rest_validate_request_arg.
 *
 * @return array
 */
public function get_collection_params() {
    return [
        'page'     => [
            'description'       => __( 'Current page of the collection.', 'opalestate-pro' ),
            'type'              => 'integer',
            'default'           => 1,
            'sanitize_callback' => 'absint',
            'validate_callback' => 'rest_validate_request_arg',
            'minimum'           => 1,
        ],
        'per_page' => [
            'description'       => __( 'Maximum number of items to be returned in result set.', 'opalestate-pro' ),
            'type'              => 'integer',
            'default'           => 10,
            'minimum'           => 1,
            'maximum'           => 100,
            'sanitize_callback' => 'absint',
            'validate_callback' => 'rest_validate_request_arg',
        ],
    ];
}
}