From b8c6530801975835e30086f9ba7812803d1f7b4c Mon Sep 17 00:00:00 2001
From: Hoang Huu
Date: Tue, 22 Oct 2019 17:07:45 +0700
Subject: [PATCH] Update API.
---
 inc/agency/class-opalestate-agency.php | 2 +-
 inc/api/class-opalestate-api.php | 39 +-
 inc/api/class-opalestate-base-api.php | 28 +-
 inc/api/functions.php | 41 +-
 inc/api/v1/agency.php | 2 +
 inc/api/v1/agent.php | 2 +
 inc/api/v1/property.php | 2 +-
 inc/api/v1/search-form.php | 2 +-
 inc/api/v1/user.php | 623 +++++++++++++++++++++++++
 inc/user/functions.php | 38 ++
 10 files changed, 743 insertions(+), 36 deletions(-)
 create mode 100644 inc/api/v1/user.php
diff --git a/inc/agency/class-opalestate-agency.php b/inc/agency/class-opalestate-agency.php
index 24140559..8db9ebd4 100755
--- a/inc/agency/class-opalestate-agency.php
+++ b/inc/agency/class-opalestate-agency.php
@@ -252,7 +252,7 @@ class OpalEstate_Agency {
 * Get rating count.
 *
 * @param string $context What the value is for. Valid values are view and edit.
- * @return int
+ * @return array
 */
 public static function metaboxes_fields() {
 $metabox = new Opalestate_Agency_MetaBox();
diff --git a/inc/api/class-opalestate-api.php b/inc/api/class-opalestate-api.php
index 6d91d786..cd735897 100755
--- a/inc/api/class-opalestate-api.php
+++ b/inc/api/class-opalestate-api.php
@@ -7,32 +7,26 @@ if ( ! defined( 'ABSPATH' ) ) { /** * Opalestate_API * - * @since 1.0.0 * @package Opalestate */ class Opalestate_API { - /** * The unique identifier of this plugin. * - * @since 1.0.0 - * @access protected - * @var string $plugin_base_name The string used to uniquely identify this plugin. + * @var string $base The string used to uniquely identify this plugin. */ public $base = 'estate-api'; public function __construct() { $this->init(); + + add_filter( 'jwt_auth_token_before_dispatch', [ $this, 'jwt_auth_token_before_dispatch' ] ); } /** * Registers a new rewrite endpoint for accessing the API * - * @access public - * * @param array $rewrite_rules WordPress Rewrite Rules - * - * @since 1.1 */ public function init() { $this->includes( [ @@ -44,6 +38,7 @@ class Opalestate_API { 'v1/agent.php', 'v1/agency.php', 'v1/search-form.php', + 'v1/user.php', 'functions.php', ] ); @@ -53,11 +48,7 @@ class Opalestate_API { /** * Registers a new rewrite endpoint for accessing the API * - * @access public - * * @param array $rewrite_rules WordPress Rewrite Rules - * - * @since 1.1 */ public function add_endpoint( $rewrite_rules ) { add_rewrite_endpoint( $this->base, EP_ALL ); @@ -78,11 +69,7 @@ class Opalestate_API { /** * Registers a new rewrite endpoint for accessing the API * - * @access public - * * @param array $rewrite_rules WordPress Rewrite Rules - * - * @since 1.1 */ public function register_resources() { $api_classes = apply_filters( 'opalestate_api_classes', @@ -91,6 +78,7 @@ class Opalestate_API { 'Opalestate_Agent_Api', 'Opalestate_Agency_Api', 'Opalestate_Search_Form_Api', + 'Opalestate_User_Api', ] ); 
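Review bot: The `add_filter()` call added in `__construct()` registers the callback with the default accepted-argument count of 1, but the `jwt_auth_token_before_dispatch( $data, $user )` method added further down this file declares two required parameters. WordPress would therefore invoke it with `$data` only, which raises an ArgumentCountError on PHP 7.1+ whenever the filter fires. Pass the priority and argument count explicitly: `add_filter( 'jwt_auth_token_before_dispatch', [ $this, 'jwt_auth_token_before_dispatch' ], 10, 2 );`.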
@@ -100,6 +88,23 @@ class Opalestate_API { } } + /** + * Add some information to JWT response. + * + * @param $data + * @param $user + * @return array + */ + public function jwt_auth_token_before_dispatch( $data, $user ) { + $data['user_role'] = $user->data->display_name; + $data['avatar'] = opalestate_get_user_meta( $user->data->ID, 'avatar' ); + + return $data; + } + + /** + * Create database. + */ public static function install() { try { if ( ! function_exists( 'dbDelta' ) ) { diff --git a/inc/api/class-opalestate-base-api.php b/inc/api/class-opalestate-base-api.php index fc4319c3..f83e5488 100644 --- a/inc/api/class-opalestate-base-api.php +++ b/inc/api/class-opalestate-base-api.php @@ -187,12 +187,21 @@ abstract class Opalestate_Base_API { */ public function get_items_permissions_check( $request ) { $is_valid = $this->is_valid_api_key( $request ); + if ( is_wp_error( $is_valid ) ) { return $is_valid; - } + } else { + $route = $request->get_route(); + $endpoint = explode( '/', $route ); + $endpoint = end( $endpoint ); - if ( ! opalestate_rest_check_post_permissions( $this->post_type, 'read' ) ) { - return new WP_Error( 'opalestate_rest_cannot_view', __( 'Sorry, you cannot list resources.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] ); + if ( in_array( $endpoint, [ 'properties', 'agencies', 'agents' ] ) ) { + return true; + } + + if ( ! opalestate_rest_check_post_permissions( $this->post_type, 'read' ) ) { + return new WP_Error( 'opalestate_rest_cannot_view', __( 'Sorry, you cannot list resources.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] ); + } } return true; 
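Review bot: `$data['user_role']` is filled from `$user->data->display_name`, so the token response reports the user's display name under a key that clients will read as a role. Display names are normally editable by the account holder, so nothing should make an access decision from this field as written. If the intent is to expose roles, use `$data['user_role'] = $user->roles;`. The `@param` tags carry no types or descriptions; `@param array $data Token response data.` and `@param WP_User $user Authenticated user.` would document the contract.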
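Review bot: The new early `return true` in `get_items_permissions_check()` skips `opalestate_rest_check_post_permissions()` for any route whose last path segment is `properties`, `agencies` or `agents`, so a valid consumer key alone now authorises those listings regardless of the key owner's capabilities. If that is intended, state it in the docblock and decide the bypass from the controller (a property or overridable method) rather than from URL text. The comparison should also be strict: `in_array( $endpoint, [ 'properties', 'agencies', 'agents' ], true )`. The `else` after `return $is_valid;` is redundant, and the method's closing brace lies outside the hunk.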
@@ -205,26 +214,17 @@ abstract class Opalestate_Base_API { * @return WP_Error|boolean */ public function is_valid_api_key( $request ) { - // if ( ! $this->is_request_to_rest_api() ) { - // return false; - // } - if ( isset( $request['consumer_key'] ) && $request['consumer_secret'] ) { $user = opalestate_get_user_data_by_consumer_key( $request['consumer_key'] ); if ( $user ) { if ( $request['consumer_secret'] === $user->consumer_secret ) { - $route = $request->get_route(); - $endpoint = explode( '/', $route ); - $endpoint = end( $endpoint ); - if ( in_array( $endpoint, [ 'properties' ] ) ) { - return true; - } + return true; } } } - return new WP_Error( 'opalestate_rest_cannot_access', __( 'Sorry, you cannot list resources.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] ); + return new WP_Error( 'opalestate_rest_cannot_access', __( 'Sorry, you cannot list resources. Invalid keys!', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] ); } /** diff --git a/inc/api/functions.php b/inc/api/functions.php index 3ffd169e..d1bbd474 100644 --- a/inc/api/functions.php +++ b/inc/api/functions.php 
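Review bot: With the endpoint restriction removed, the `===` comparison of `consumer_secret` in `is_valid_api_key()` becomes the only gate for every route that relies on this check, and it is neither constant-time nor guarded against a missing parameter, since `isset()` covers only `consumer_key`. Test both with `isset( $request['consumer_key'], $request['consumer_secret'] )` and compare with `hash_equals( (string) $user->consumer_secret, (string) $request['consumer_secret'] )`. The direct comparison suggests the secret is stored unhashed; that should be confirmed against `opalestate_get_user_data_by_consumer_key()`, which is outside this hunk. Because the credentials arrive as request parameters, the API documentation should tell clients to keep them out of the query string, where they would end up in access logs.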
@@ -27,6 +27,43 @@ function opalestate_rest_check_post_permissions( $post_type, $context = 'read', return apply_filters( 'opalestate_rest_check_permissions', $permission, $context, $object_id, $post_type ); } +/** + * Check permissions of users on REST API. + * + * @param string $context Request context. + * @param int $object_id Post ID. + * @return bool + */ +function opalestate_rest_check_user_permissions( $context = 'read', $object_id = 0 ) { + $contexts = [ + 'read' => 'list_users', + 'create' => 'promote_users', // Check if current user can create users, opalestate managers are not allowed to create users. + 'edit' => 'edit_users', + 'delete' => 'delete_users', + 'batch' => 'promote_users', + ]; + + // Check to allow opalestate_managers to manage only agents or agencies. + if ( in_array( $context, [ 'edit', 'delete' ], true ) && opalestate_current_user_has_role( 'opalestate_manager' ) ) { + $permission = false; + $user_data = get_userdata( $object_id ); + $opalestate_manager_editable_roles = apply_filters( 'opalestate_manager_editable_roles', [ 'opalestate_agent', 'opalestate_agency' ] ); + + if ( isset( $user_data->roles ) ) { + $can_manage_users = array_intersect( $user_data->roles, array_unique( $opalestate_manager_editable_roles ) ); + + // Check if Opalestate Manager can edit agent | agency or with the is same opalestate manager. + if ( 0 < count( $can_manage_users ) || intval( $object_id ) === intval( get_current_user_id() ) ) { + $permission = current_user_can( $contexts[ $context ], $object_id ); + } + } + } else { + $permission = current_user_can( $contexts[ $context ], $object_id ); + } + + return apply_filters( 'opalestate_rest_check_permissions', $permission, $context, $object_id, 'user' ); +} + /** * Return the user data for the given consumer_key. * 
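Review bot: `$contexts[ $context ]` in `opalestate_rest_check_user_permissions()` is read without checking that `$context` is one of the five mapped keys, so an unexpected context reaches `current_user_can()` with a null capability and a notice instead of failing closed explicitly. Add a guard before the lookup, e.g. `if ( ! isset( $contexts[ $context ] ) ) { return false; }`. The docblock describes `$object_id` as a post ID although it is passed to `get_userdata()`; `@param int $object_id User ID.` would be accurate. The result is also passed through the shared `opalestate_rest_check_permissions` filter with `'user'` in the post-type slot, so existing callbacks on that filter should be checked for how they treat that value.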
@@ -136,7 +173,7 @@ function opalestate_rand_hash() { /** * Opalestate API - Hash. * - * @param string $data Message to be hashed. + * @param string $data Message to be hashed. * @return string */ function opalestate_api_hash( $data ) { @@ -155,5 +192,5 @@ function opalestate_rest_urlencode_rfc3986( $value ) { return array_map( 'opalestate_rest_urlencode_rfc3986', $value ); } - return str_replace( array( '+', '%7E' ), array( ' ', '~' ), rawurlencode( $value ) ); + return str_replace( [ '+', '%7E' ], [ ' ', '~' ], rawurlencode( $value ) ); } diff --git a/inc/api/v1/agency.php b/inc/api/v1/agency.php index 695aaa1e..22f7f36c 100755 --- a/inc/api/v1/agency.php +++ b/inc/api/v1/agency.php @@ -130,6 +130,8 @@ class Opalestate_Agency_Api extends Opalestate_Base_API { $agencies['agencies'][ $i ] = $this->get_agency_data( $agency_info ); $i++; } + } else { + return $this->get_response( 404, [ 'collection' => [], 'message' => esc_html__( 'Not found!', 'opalestate-pro' ) ] ); } $response['collection'] = $agencies['agencies']; diff --git a/inc/api/v1/agent.php b/inc/api/v1/agent.php index b4d69b42..f7fd33b7 100755 --- a/inc/api/v1/agent.php +++ b/inc/api/v1/agent.php @@ -126,6 +126,8 @@ class Opalestate_Agent_Api extends Opalestate_Base_API { $agents['agents'][ $i ] = $this->get_agent_data( $agent_info ); $i++; } + } else { + return $this->get_response( 404, [ 'collection' => [], 'message' => esc_html__( 'Not found!', 'opalestate-pro' ) ] ); } $response['collection'] = $agents['agents']; diff --git a/inc/api/v1/property.php b/inc/api/v1/property.php index 2db9093a..12be1fa8 100644 --- a/inc/api/v1/property.php +++ b/inc/api/v1/property.php 
@@ -144,7 +144,7 @@ class Opalestate_Property_Api extends Opalestate_Base_API { $i++; } } else { - return $this->get_response( 404, [ 'collection' => esc_html__( 'Not found', 'opalestate-pro' ) ] ); + return $this->get_response( 404, [ 'collection' => [], 'message' => esc_html__( 'Not found!', 'opalestate-pro' ) ] ); } $response['collection'] = $properties; diff --git a/inc/api/v1/search-form.php b/inc/api/v1/search-form.php index e0f26dcb..6447ee9b 100644 --- a/inc/api/v1/search-form.php +++ b/inc/api/v1/search-form.php @@ -37,7 +37,7 @@ class Opalestate_Search_Form_Api extends Opalestate_Base_API { [ 'methods' => WP_REST_Server::READABLE, 'callback' => [ $this, 'get_fields' ], - // 'permission_callback' => [ $this, 'get_items_permissions_check' ], + 'permission_callback' => [ $this, 'get_items_permissions_check' ], // 'args' => $this->get_search_params(), ], ] diff --git a/inc/api/v1/user.php b/inc/api/v1/user.php new file mode 100644 index 00000000..d6d4c416 --- /dev/null +++ b/inc/api/v1/user.php 
@@ -0,0 +1,623 @@ +namespace, + '/' . $this->base, + [ + [ + 'methods' => WP_REST_Server::READABLE, + 'callback' => [ $this, 'get_items' ], + 'permission_callback' => [ $this, 'get_items_permissions_check' ], + 'args' => $this->get_collection_params(), + ], + [ + 'methods' => WP_REST_Server::CREATABLE, + 'callback' => [ $this, 'create_item' ], + 'permission_callback' => [ $this, 'create_item_permissions_check' ], + ], + ] + ); + + register_rest_route( + $this->namespace, + '/' . $this->base . '/(?P[\d]+)', + [ + 'args' => [ + 'id' => [ + 'description' => __( 'Unique identifier for the resource.', 'opalestate-pro' ), + 'type' => 'integer', + ], + ], + [ + 'methods' => WP_REST_Server::READABLE, + 'callback' => [ $this, 'get_item' ], + 'permission_callback' => [ $this, 'get_item_permissions_check' ], + ], + [ + 'methods' => WP_REST_Server::EDITABLE, + 'callback' => [ $this, 'update_item' ], + 'permission_callback' => [ $this, 'update_item_permissions_check' ], + ], + ] + ); + } + + /** + * Check whether a given request has permission to read customers. + * + * @param WP_REST_Request $request Full details about the request. + * @return WP_Error|boolean + */ + public function get_items_permissions_check( $request ) { + if ( ! opalestate_rest_check_user_permissions( 'read' ) ) { + return new WP_Error( 'opalestate_rest_cannot_view', __( 'Sorry, you cannot list resources.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] ); + } + + return true; + } + + /** + * Check if a given request has access create customers. + * + * @param WP_REST_Request $request Full details about the request. + * + * @return bool|WP_Error + */ + public function create_item_permissions_check( $request ) { + if ( ! 
opalestate_rest_check_user_permissions( 'create' ) ) { + return new WP_Error( 'opalestate_rest_cannot_create', __( 'Sorry, you are not allowed to create resources.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] ); + } + + return true; + } + + /** + * Check if a given request has access to read a customer. + * + * @param WP_REST_Request $request Full details about the request. + * @return WP_Error|boolean + */ + public function get_item_permissions_check( $request ) { + $id = (int) $request['id']; + + if ( ! opalestate_rest_check_user_permissions( 'read', $id ) ) { + return new WP_Error( 'opalestate_rest_cannot_view', __( 'Sorry, you cannot view this resource.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] ); + } + + return true; + } + + /** + * Check if a given request has access update a customer. + * + * @param WP_REST_Request $request Full details about the request. + * + * @return bool|WP_Error + */ + public function update_item_permissions_check( $request ) { + $id = (int) $request['id']; + + if ( ! opalestate_rest_check_user_permissions( 'edit', $id ) ) { + return new WP_Error( 'opalestate_rest_cannot_edit', __( 'Sorry, you are not allowed to edit this resource.', 'opalestate-pro' ), [ 'status' => rest_authorization_required_code() ] ); + } + + return true; + } + + /** + * Check if a given request has access delete a customer. + * + * @param WP_REST_Request $request Full details about the request. + * + * @return bool|WP_Error + */ + public function delete_item_permissions_check( $request ) { + $id = (int) $request['id']; + + if ( ! opalestate_rest_check_user_permissions( 'delete', $id ) ) { + return new WP_Error( 'opalestate_rest_cannot_delete', __( 'Sorry, you are not allowed to delete this resource.', 'opalestate-pro' ), [ + 'status' => rest_authorization_required_code(), + ] ); + } + + return true; + } + + /** + * Get all customers. + * + * @param WP_REST_Request $request Full details about the request. 
+ * @return WP_Error|WP_REST_Response + */ + public function get_items( $request ) { + $prepared_args = []; + $prepared_args['exclude'] = $request['exclude']; + $prepared_args['include'] = $request['include']; + $prepared_args['order'] = $request['order']; + $prepared_args['number'] = $request['per_page']; + if ( ! empty( $request['offset'] ) ) { + $prepared_args['offset'] = $request['offset']; + } else { + $prepared_args['offset'] = ( $request['page'] - 1 ) * $prepared_args['number']; + } + $orderby_possibles = [ + 'id' => 'ID', + 'include' => 'include', + 'name' => 'display_name', + 'registered_date' => 'registered', + ]; + $prepared_args['orderby'] = $orderby_possibles[ $request['orderby'] ]; + $prepared_args['search'] = $request['search']; + + if ( '' !== $prepared_args['search'] ) { + $prepared_args['search'] = '*' . $prepared_args['search'] . '*'; + } + + // Filter by email. + if ( ! empty( $request['email'] ) ) { + $prepared_args['search'] = $request['email']; + $prepared_args['search_columns'] = [ 'user_email' ]; + } + + // Filter by role. + if ( 'all' !== $request['role'] ) { + $prepared_args['role'] = $request['role']; + } + + /** + * Filter arguments, before passing to WP_User_Query, when querying users via the REST API. + * + * @see https://developer.wordpress.org/reference/classes/wp_user_query/ + * + * @param array $prepared_args Array of arguments for WP_User_Query. + * @param WP_REST_Request $request The current request. + */ + $prepared_args = apply_filters( 'opalestate_rest_user_query', $prepared_args, $request ); + $query = new WP_User_Query( $prepared_args ); + + $users = []; + foreach ( $query->results as $user ) { + $data = $this->prepare_item_for_response( $user, $request ); + $users[] = $this->prepare_response_for_collection( $data ); + } + + $response = rest_ensure_response( $users ); + + // Store pagination values for headers then unset for count query. 
+ $per_page = (int) $prepared_args['number']; + $page = ceil( ( ( (int) $prepared_args['offset'] ) / $per_page ) + 1 ); + + $prepared_args['fields'] = 'ID'; + + $total_users = $query->get_total(); + if ( $total_users < 1 ) { + // Out-of-bounds, run the query again without LIMIT for total count. + unset( $prepared_args['number'] ); + unset( $prepared_args['offset'] ); + $count_query = new WP_User_Query( $prepared_args ); + $total_users = $count_query->get_total(); + } + $response->header( 'X-WP-Total', (int) $total_users ); + $max_pages = ceil( $total_users / $per_page ); + $response->header( 'X-WP-TotalPages', (int) $max_pages ); + + $base = add_query_arg( $request->get_query_params(), rest_url( sprintf( '/%s/%s', $this->namespace, $this->base ) ) ); + if ( $page > 1 ) { + $prev_page = $page - 1; + if ( $prev_page > $max_pages ) { + $prev_page = $max_pages; + } + $prev_link = add_query_arg( 'page', $prev_page, $base ); + $response->link_header( 'prev', $prev_link ); + } + if ( $max_pages > $page ) { + $next_page = $page + 1; + $next_link = add_query_arg( 'page', $next_page, $base ); + $response->link_header( 'next', $next_link ); + } + + return $response; + } + + public function update_item( $request ) { + try { + $id = (int) $request['id']; + + $user_data = get_userdata( $id ); + + if ( ! $user_data ) { + throw new Exception( __( 'Invalid resource ID.', 'opalestate-pro' ), 400 ); + } + + if ( in_array( 'opalestate_agent', $user_data->roles ) ) { + $this->update_agent_data( $request ); + } + + if ( in_array( 'opalestate_agency', $user_data->roles ) ) { + $this->update_agency_data( $request ); + } + + /** + * Fires after a customer is created or updated via the REST API. + * + * @param WP_User $customer Data used to create the customer. + * @param WP_REST_Request $request Request object. + * @param boolean $creating True when creating customer, false when updating customer. 
+ */ + do_action( 'opalestate_rest_insert_customer', $user_data, $request, false ); + + $request->set_param( 'context', 'edit' ); + $response = $this->prepare_item_for_response( $user_data, $request ); + $response = rest_ensure_response( $response ); + + return $response; + } catch ( Exception $e ) { + return new WP_Error( $e->getCode(), $e->getMessage(), [ 'status' => $e->getCode() ] ); + } + } + + /** + * Update user data. + * + * @param $request User ID. + */ + public function update_agent_data( $request ) { + $fields = OpalEstate_Agent::metaboxes_fields(); + + $others = [ + 'avatar_id' => '', + 'opalestate_agt_map' => '', + 'map' => '', + ]; + + foreach ( $fields as $key => $field ) { + $tmp = str_replace( OPALESTATE_AGENT_PREFIX, '', $field['id'] ); + if ( isset( $request[ $tmp ] ) && $tmp ) { + $data = is_string( $request[ $tmp ] ) ? sanitize_text_field( $request[ $tmp ] ) : $request[ $tmp ]; + update_user_meta( $request['id'], OPALESTATE_USER_PROFILE_PREFIX . $tmp, $data ); + } + } + + // Update for others. + foreach ( $others as $key => $value ) { + if ( isset( $request[ $key ] ) ) { + $data = is_string( $request[ $key ] ) ? sanitize_text_field( $request[ $key ] ) : $request[ $key ]; + update_user_meta( $request['id'], OPALESTATE_USER_PROFILE_PREFIX . $key, $data ); + } + } + } + + /** + * Update user data. + * + * @param $request User ID. + */ + public function update_agency_data( $request ) { + $fields = OpalEstate_Agency::metaboxes_fields(); + + $others = [ + 'avatar_id' => '', + 'map' => '', + ]; + + foreach ( $fields as $key => $field ) { + $kpos = $field['id']; + $tmp = str_replace( OPALESTATE_AGENCY_PREFIX, '', $field['id'] ); + if ( isset( $request[ $kpos ] ) && $tmp ) { + $data = is_string( $request[ $kpos ] ) ? sanitize_text_field( $request[ $kpos ] ) : $request[ $kpos ]; + update_user_meta( $request['id'], OPALESTATE_USER_PROFILE_PREFIX . $tmp, $data ); + } + } + + // Update for others. 
+ foreach ( $others as $key => $value ) { + $kpos = OPALESTATE_AGENCY_PREFIX . $key; + if ( isset( $request[ $kpos ] ) ) { + $data = is_string( $request[ $kpos ] ) ? sanitize_text_field( $request[ $kpos ] ) : $request[ $kpos ]; + update_user_meta( $request['id'], OPALESTATE_USER_PROFILE_PREFIX . $key, $data ); + } + } + } + + /** + * Prepare a single customer output for response. + * + * @param WP_User $user_data User object. + * @param WP_REST_Request $request Request object. + * @return WP_REST_Response $response Response data. + */ + public function prepare_item_for_response( $user_data, $request ) { + $_data = $user_data->data; + + $data = [ + 'id' => $_data->ID, + 'role' => $user_data->roles, + 'date_created' => $_data->user_registered, + 'email' => $_data->user_email, + 'first_name' => $user_data->first_name, + 'last_name' => $user_data->last_name, + 'username' => $_data->user_login, + 'avatar_url' => opalestate_get_user_meta( $_data->ID, 'avatar' ), + ]; + + if ( in_array( 'opalestate_agent', $user_data->roles ) ) { + $data['agent_data'] = $this->parse_agent_data( $user_data ); + } + + if ( in_array( 'opalestate_agency', $user_data->roles ) ) { + $data['agency_data'] = $this->parse_agency_data( $user_data ); + } + + $context = ! empty( $request['context'] ) ? $request['context'] : 'view'; + $response = rest_ensure_response( $data ); + + /** + * Filter customer data returned from the REST API. + * + * @param WP_REST_Response $response The response object. + * @param WP_User $user_data User object used to create response. + * @param WP_REST_Request $request Request object. + */ + return apply_filters( 'opalestate_rest_prepare_customer', $response, $user_data, $request ); + } + + /** + * Prepare a response for inserting into a collection. + * + * @param WP_REST_Response $response Response object. + * @return array Response data, ready for insertion into collection data. + */ + public function prepare_response_for_collection( $response ) { + if ( ! 
( $response instanceof WP_REST_Response ) ) { + return $response; + } + + $data = (array) $response->get_data(); + $server = rest_get_server(); + + if ( method_exists( $server, 'get_compact_response_links' ) ) { + $links = call_user_func( [ $server, 'get_compact_response_links' ], $response ); + } else { + $links = call_user_func( [ $server, 'get_response_links' ], $response ); + } + + if ( ! empty( $links ) ) { + $data['_links'] = $links; + } + + return $data; + } + + public function parse_agent_data( $user_data ) { + $data = []; + $fields = OpalEstate_Agent::metaboxes_fields(); + + $others = [ + 'avatar_id' => '', + 'opalestate_agt_map' => '', + 'map' => '', + ]; + + foreach ( $fields as $key => $field ) { + $tmp = str_replace( OPALESTATE_AGENT_PREFIX, '', $field['id'] ); + $data[ $tmp ] = get_user_meta( $user_data->data->ID, OPALESTATE_USER_PROFILE_PREFIX . $tmp, true ); + } + + // Update for others. + foreach ( $others as $key => $value ) { + $data[ $key ] = get_user_meta( $user_data->data->ID, OPALESTATE_USER_PROFILE_PREFIX . $key, true ); + } + + return $data; + } + + public function parse_agency_data( $user_data ) { + $data = []; + $fields = OpalEstate_Agency::metaboxes_fields(); + + $others = [ + 'avatar_id' => '', + 'map' => '', + ]; + + foreach ( $fields as $key => $field ) { + $tmp = str_replace( OPALESTATE_AGENCY_PREFIX, '', $field['id'] ); + $data[ $tmp ] = get_user_meta( $user_data->data->ID, OPALESTATE_USER_PROFILE_PREFIX . $tmp, true ); + } + + // Update for others. + foreach ( $others as $key => $value ) { + $data[ $key ] = get_user_meta( $user_data->data->ID, OPALESTATE_USER_PROFILE_PREFIX . $key, true ); + } + + return $data; + } + + /** + * Get a single customer. + * + * @param WP_REST_Request $request Full details about the request. 
+ * @return WP_Error|WP_REST_Response + */ + public function get_item( $request ) { + $id = (int) $request['id']; + $user_data = get_userdata( $id ); + + if ( empty( $id ) || empty( $user_data->ID ) ) { + return new WP_Error( 'opalestate_rest_invalid_id', __( 'Invalid resource ID.', 'opalestate-pro' ), [ 'status' => 404 ] ); + } + + $customer = $this->prepare_item_for_response( $user_data, $request ); + $response = rest_ensure_response( $customer ); + + return $response; + } + + public function delete_item( $request ) { + $id = (int) $request['id']; + $force = (bool) $request['force']; + + $property = get_post( absint( $request['id'] ) ); + if ( ! $property || $this->post_type != $property->post_type ) { + $response['test'] = 0; + } else { + wp_delete_post( absint( $request['id'] ) ); + $response['test'] = 1; + } + + return $response; + } + + /** + * The opalestate_property post object, generate the data for the API output + * + * @param object $property_info The Download Post Object + * + * @return array Array of post data to return back in the API + */ + private function get_property_data( $property_info ) { + return opalestate_api_get_property_data( $property_info ); + } + + /** + * Create a single item. + * + * @param WP_REST_Request $request Full details about the request. + * @return WP_Error|WP_REST_Response + */ + public function create_item( $request ) { + if ( ! 
empty( $request['id'] ) ) { + /* translators: %s: post type */ + return new WP_Error( "opalestate_rest_{$this->post_type}_exists", sprintf( __( 'Cannot create existing %s.', 'opalestate-pro' ), $this->post_type ), [ 'status' => 400 ] ); + } + + $data = [ + 'post_title' => $request['post_title'], + 'post_type' => $this->post_type, + 'post_content' => $request['post_content'], + ]; + + $data['post_status'] = 'pending'; + $post_id = wp_insert_post( $data, true ); + + $response['id'] = $post_id; + $response = rest_ensure_response( $response ); + $response->set_status( 201 ); + $response->header( 'Location', rest_url( sprintf( '/%s/%s/%d', $this->namespace, $this->base, $post_id ) ) ); + + return $response; + } + + /** + * Get the query params for collections. + * + * @return array + */ + public function get_collection_params() { + $params = parent::get_collection_params(); + + $params['context']['default'] = 'view'; + + $params['exclude'] = [ + 'description' => __( 'Ensure result set excludes specific IDs.', 'opalestate-pro' ), + 'type' => 'array', + 'items' => [ + 'type' => 'integer', + ], + 'default' => [], + 'sanitize_callback' => 'wp_parse_id_list', + ]; + $params['include'] = [ + 'description' => __( 'Limit result set to specific IDs.', 'opalestate-pro' ), + 'type' => 'array', + 'items' => [ + 'type' => 'integer', + ], + 'default' => [], + 'sanitize_callback' => 'wp_parse_id_list', + ]; + $params['offset'] = [ + 'description' => __( 'Offset the result set by a specific number of items.', 'opalestate-pro' ), + 'type' => 'integer', + 'sanitize_callback' => 'absint', + 'validate_callback' => 'rest_validate_request_arg', + ]; + $params['order'] = [ + 'default' => 'asc', + 'description' => __( 'Order sort attribute ascending or descending.', 'opalestate-pro' ), + 'enum' => [ 'asc', 'desc' ], + 'sanitize_callback' => 'sanitize_key', + 'type' => 'string', + 'validate_callback' => 'rest_validate_request_arg', + ]; + $params['orderby'] = [ + 'default' => 'name', + 
'description' => __( 'Sort collection by object attribute.', 'opalestate-pro' ), + 'enum' => [ + 'id', + 'include', + 'name', + 'registered_date', + ], + 'sanitize_callback' => 'sanitize_key', + 'type' => 'string', + 'validate_callback' => 'rest_validate_request_arg', + ]; + $params['email'] = [ + 'description' => __( 'Limit result set to resources with a specific email.', 'opalestate-pro' ), + 'type' => 'string', + 'format' => 'email', + 'validate_callback' => 'rest_validate_request_arg', + ]; + $params['role'] = [ + 'description' => __( 'Limit result set to resources with a specific role.', 'opalestate-pro' ), + 'type' => 'string', + 'default' => 'opalestate_agent', + 'enum' => array_merge( [ 'all' ], $this->get_role_names() ), + 'validate_callback' => 'rest_validate_request_arg', + ]; + + return $params; + } + + /** + * Get role names. + * + * @return array + */ + protected function get_role_names() { + global $wp_roles; + + return array_keys( $wp_roles->role_names ); + } +} diff --git a/inc/user/functions.php b/inc/user/functions.php index d796c6e8..9a509d4c 100755 --- a/inc/user/functions.php +++ b/inc/user/functions.php @@ -1,4 +1,32 @@ exists() ) { + return false; + } + + return in_array( $role, $user->roles, true ); +} function opalestate_submssion_list_page( $args = [] ) { return opalestate_get_user_management_page_uri( [ 'tab' => 'submission_list' ] ); @@ -257,3 +285,13 @@ if ( ! function_exists( 'opalestate_create_user' ) ) { return $user_id; } } + +/** + * Get user meta. + * + * @param $user_id + * @param $key + */ +function opalestate_get_user_meta( $user_id, $key, $single = true ) { + return get_user_meta( $user_id, OPALESTATE_USER_PROFILE_PREFIX . $key, $single ); +}
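Review bot: `update_agent_data()` and `update_agency_data()` in the new `inc/api/v1/user.php` sanitise a request value only when it is a string; arrays and other types are written to user meta exactly as received by `update_user_meta()`. Sanitise recursively instead, e.g. `$data = map_deep( $request[ $tmp ], 'sanitize_text_field' );` (likewise for the `$key` and `$kpos` variants), and cast `$request['id']` to int before the write. Separately, `create_item()` and `delete_item()` still contain post logic (`wp_insert_post()`, `wp_delete_post()`) although their permission callbacks authorise on user capabilities and user IDs, and `create_item()` answers 201 even when `wp_insert_post()` returns a `WP_Error`; until user creation and deletion are implemented they should return an error rather than act on posts. The class header at the top of this new file is not visible on this page, so the value of `$this->post_type` could not be checked.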