diff --git a/inc/admin/class-admin.php b/inc/admin/class-admin.php deleted file mode 100644 index 37319af..0000000 --- a/inc/admin/class-admin.php +++ /dev/null @@ -1,551 +0,0 @@ - value, or wp_parse_args string. - * - * @return string Requested URL. - */ - protected static function get_url( $params = [] ) { - $url = admin_url( 'users.php' ); - $params = [ 'page' => self::BASE_SLUG ] + wp_parse_args( $params ); - - return add_query_arg( urlencode_deep( $params ), $url ); - } - - /** - * Get the current page action. - * - * @return string One of 'add', 'edit', 'delete', or '' for default (list) - */ - protected static function current_action() { - return isset( $_GET['action'] ) ? $_GET['action'] : ''; - } - - /** - * Load data for our page. - */ - public static function load() { - switch ( self::current_action() ) { - case 'add': - case 'edit': - self::render_edit_page(); - break; - - case 'delete': - self::handle_delete(); - break; - - case 'regenerate': - self::handle_regenerate(); - break; - - case 'approve': - self::handle_approve(); - break; - - default: - global $wp_list_table; - - $wp_list_table = new ListTable(); - - $wp_list_table->prepare_items(); - - return; - } - - } - - public static function dispatch() { - switch ( self::current_action() ) { - case 'add': - case 'edit': - case 'delete': - case 'approve': - break; - - default: - self::render(); - break; - } - } - - /** - * Render the list page. - */ - public static function render() { - global $wp_list_table; - - ?> -
-

- - - -

-

' . esc_html__( 'Deleted application.', 'oauth2' ) . '

'; - } elseif ( ! empty( $_GET['approved'] ) ) { - echo '

' . esc_html__( 'Approved application.', 'oauth2' ) . '

'; - } - ?> - - views(); ?> - -
- - search_box( __( 'Search Applications', 'oauth2' ), 'oauth2' ); ?> - - display(); ?> - -
- -
- - - get_post_id() ); - } - - // Check that the parameters are correct first - $params = self::validate_parameters( wp_unslash( $_POST ) ); - - if ( is_wp_error( $params ) ) { - $messages[] = $params->get_error_message(); - - return $messages; - } - - if ( empty( $consumer ) ) { - // Create the consumer - $data = [ - 'name' => $params['name'], - 'description' => $params['description'], - 'meta' => [ - 'type' => $params['type'], - 'callback' => $params['callback'], - ], - ]; - - $consumer = $result = Client::create( $data ); - } else { - // Update the existing consumer post - $data = [ - 'name' => $params['name'], - 'description' => $params['description'], - 'meta' => [ - 'type' => $params['type'], - 'callback' => $params['callback'], - ], - ]; - - $result = $consumer->update( $data ); - } - - if ( is_wp_error( $result ) ) { - $messages[] = $result->get_error_message(); - - return $messages; - } - - // Success, redirect to alias page - $location = self::get_url( - [ - 'action' => 'edit', - 'id' => $consumer->get_post_id(), - 'did_action' => $did_action, - ] - ); - wp_safe_redirect( $location ); - exit; - } - - /** - * Output alias editing page - */ - public static function render_edit_page() { - if ( ! current_user_can( 'edit_users' ) ) { - wp_die( __( 'You do not have permission to access this page.', 'oauth2' ) ); - } - - // Are we editing? - $consumer = null; - $form_action = self::get_url( 'action=add' ); - $regenerate_action = ''; - if ( ! empty( $_REQUEST['id'] ) ) { - $id = absint( $_REQUEST['id'] ); - $consumer = Client::get_by_post_id( $id ); - if ( is_wp_error( $consumer ) || empty( $consumer ) ) { - wp_die( __( 'Invalid client ID.', 'oauth2' ) ); - } - - $form_action = self::get_url( [ 'action' => 'edit', 'id' => $id ] ); - $regenerate_action = self::get_url( [ 'action' => 'regenerate', 'id' => $id ] ); - } - - // Handle form submission - $messages = []; - if ( ! empty( $_POST['submit'] ) ) { - $messages = self::handle_edit_submit( $consumer ); - } - if ( ! empty( $_GET['did_action'] ) ) { - switch ( $_GET['did_action'] ) { - case 'edit': - $messages[] = __( 'Updated application.', 'oauth2' ); - break; - - case 'regenerate': - $messages[] = __( 'Regenerated secret.', 'oauth2' ); - break; - - default: - $messages[] = __( 'Successfully created application.', 'oauth2' ); - break; - } - } - - $data = []; - - if ( empty( $consumer ) || ! empty( $_POST['_wpnonce'] ) ) { - foreach ( [ 'name', 'description', 'callback', 'type' ] as $key ) { - $data[ $key ] = empty( $_POST[ $key ] ) ? '' : wp_unslash( $_POST[ $key ] ); - } - } else { - $data['name'] = $consumer->get_name(); - $data['description'] = $consumer->get_description( true ); - $data['type'] = $consumer->get_type(); - $data['callback'] = $consumer->get_redirect_uris(); - - if ( is_array( $data['callback'] ) ) { - $data['callback'] = implode( ',', $data['callback'] ); - } - } - - // Header time! - global $title, $parent_file, $submenu_file; - $title = $consumer ? __( 'Edit Application', 'oauth2' ) : __( 'Add Application', 'oauth2' ); - $parent_file = 'users.php'; - $submenu_file = self::BASE_SLUG; - - include( ABSPATH . 'wp-admin/admin-header.php' ); - ?> - -
-

- -

' . esc_html( $msg ) . '

'; - } - } - ?> - -
- - - - - - - - - - - - - - - - - -
- - - -

-
- - - -
- - -
    -
  • - - /> - -

    - -

    -
    • -
  • - - /> - -

    - -

    -
    • -
-
- - - -

-
- - get_post_id() ) . '" />'; - wp_nonce_field( 'rest-oauth2-edit-' . $consumer->get_post_id() ); - submit_button( __( 'Save Client', 'oauth2' ) ); - } - - ?> -
- - -
-

- - - - - - - - - - -
- - - get_id() ) ?> -
- - - get_secret() ) ?> -
- - get_post_id() ); - submit_button( __( 'Regenerate Secret', 'oauth2' ), 'delete' ); - ?> -
- - - - ' . __( 'Cheatin’ uh?', 'oauth2' ) . '' . - '

' . __( 'You are not allowed to delete this application.', 'oauth2' ) . '

', - 403 - ); - } - - $client = Client::get_by_post_id( $id ); - if ( is_wp_error( $client ) ) { - wp_die( $client ); - - return; - } - - if ( ! $client->delete() ) { - $message = 'Invalid client ID'; - wp_die( $message ); - - return; - } - - wp_safe_redirect( self::get_url( 'deleted=1' ) ); - exit; - } - - /** - * Approve the client. - */ - public static function handle_approve() { - if ( empty( $_GET['id'] ) ) { - return; - } - - $id = absint( $_GET['id'] ); - check_admin_referer( 'rest-oauth2-approve:' . $id ); - - if ( ! current_user_can( 'publish_post', $id ) ) { - wp_die( - '

' . __( 'Cheatin’ uh?', 'oauth2' ) . '

' . - '

' . __( 'You are not allowed to approve this application.', 'oauth2' ) . '

', - 403 - ); - } - - $client = Client::get_by_post_id( $id ); - if ( is_wp_error( $client ) ) { - wp_die( $client ); - } - - $did_approve = $client->approve(); - if ( is_wp_error( $did_approve ) ) { - wp_die( $did_approve ); - } - - wp_safe_redirect( self::get_url( 'approved=1' ) ); - exit; - } - - /** - * Regenerate the client secret. - */ - public static function handle_regenerate() { - if ( empty( $_GET['id'] ) ) { - return; - } - - $id = absint( $_GET['id'] ); - check_admin_referer( 'rest-oauth2-regenerate:' . $id ); - - if ( ! current_user_can( 'edit_post', $id ) ) { - wp_die( - '

' . __( 'Cheatin’ uh?', 'oauth2' ) . '

' . - '

' . __( 'You are not allowed to edit this application.', 'oauth2' ) . '

', - 403 - ); - } - - $client = Client::get_by_post_id( $id ); - $result = $client->regenerate_secret(); - if ( is_wp_error( $result ) ) { - wp_die( $result->get_error_message() ); - } - - wp_safe_redirect( self::get_url( [ 'action' => 'edit', 'id' => $id, 'did_action' => 'regenerate' ] ) ); - exit; - } -} diff --git a/inc/admin/namespace.php b/inc/admin/namespace.php new file mode 100644 index 0000000..1f839a7 --- /dev/null +++ b/inc/admin/namespace.php @@ -0,0 +1,549 @@ + value, or wp_parse_args string. + * + * @return string Requested URL. + */ +function get_url( $params = [] ) { + $url = admin_url( 'users.php' ); + $params = [ 'page' => BASE_SLUG ] + wp_parse_args( $params ); + + return add_query_arg( urlencode_deep( $params ), $url ); +} + +/** + * Get the current page action. + * + * @return string One of 'add', 'edit', 'delete', or '' for default (list) + */ +function get_page_action() { + return isset( $_GET['action'] ) ? $_GET['action'] : ''; +} + +/** + * Load data for our page. + */ +function load() { + switch ( get_page_action() ) { + case 'add': + case 'edit': + render_edit_page(); + break; + + case 'delete': + handle_delete(); + break; + + case 'regenerate': + handle_regenerate(); + break; + + case 'approve': + handle_approve(); + break; + + default: + global $wp_list_table; + + $wp_list_table = new ListTable(); + + $wp_list_table->prepare_items(); + + return; + } + +} + +function dispatch() { + switch ( get_page_action() ) { + case 'add': + case 'edit': + case 'delete': + case 'approve': + break; + + default: + render(); + break; + } +} + +/** + * Render the list page. + */ +function render() { + global $wp_list_table; + + ?> +
+

+ + + +

+

' . esc_html__( 'Deleted application.', 'oauth2' ) . '

'; + } elseif ( ! empty( $_GET['approved'] ) ) { + echo '

' . esc_html__( 'Approved application.', 'oauth2' ) . '

'; + } + ?> + + views(); ?> + +
+ + search_box( __( 'Search Applications', 'oauth2' ), 'oauth2' ); ?> + + display(); ?> + +
+ +
+ + + get_post_id() ); + } + + // Check that the parameters are correct first + $params = validate_parameters( wp_unslash( $_POST ) ); + + if ( is_wp_error( $params ) ) { + $messages[] = $params->get_error_message(); + + return $messages; + } + + if ( empty( $consumer ) ) { + // Create the consumer + $data = [ + 'name' => $params['name'], + 'description' => $params['description'], + 'meta' => [ + 'type' => $params['type'], + 'callback' => $params['callback'], + ], + ]; + + $consumer = $result = Client::create( $data ); + } else { + // Update the existing consumer post + $data = [ + 'name' => $params['name'], + 'description' => $params['description'], + 'meta' => [ + 'type' => $params['type'], + 'callback' => $params['callback'], + ], + ]; + + $result = $consumer->update( $data ); + } + + if ( is_wp_error( $result ) ) { + $messages[] = $result->get_error_message(); + + return $messages; + } + + // Success, redirect to alias page + $location = get_url( + [ + 'action' => 'edit', + 'id' => $consumer->get_post_id(), + 'did_action' => $did_action, + ] + ); + wp_safe_redirect( $location ); + exit; +} + +/** + * Output alias editing page + */ +function render_edit_page() { + if ( ! current_user_can( 'edit_users' ) ) { + wp_die( __( 'You do not have permission to access this page.', 'oauth2' ) ); + } + + // Are we editing? + $consumer = null; + $form_action = get_url( 'action=add' ); + $regenerate_action = ''; + if ( ! empty( $_REQUEST['id'] ) ) { + $id = absint( $_REQUEST['id'] ); + $consumer = Client::get_by_post_id( $id ); + if ( is_wp_error( $consumer ) || empty( $consumer ) ) { + wp_die( __( 'Invalid client ID.', 'oauth2' ) ); + } + + $form_action = get_url( [ 'action' => 'edit', 'id' => $id ] ); + $regenerate_action = get_url( [ 'action' => 'regenerate', 'id' => $id ] ); + } + + // Handle form submission + $messages = []; + if ( ! empty( $_POST['submit'] ) ) { + $messages = handle_edit_submit( $consumer ); + } + if ( ! empty( $_GET['did_action'] ) ) { + switch ( $_GET['did_action'] ) { + case 'edit': + $messages[] = __( 'Updated application.', 'oauth2' ); + break; + + case 'regenerate': + $messages[] = __( 'Regenerated secret.', 'oauth2' ); + break; + + default: + $messages[] = __( 'Successfully created application.', 'oauth2' ); + break; + } + } + + $data = []; + + if ( empty( $consumer ) || ! empty( $_POST['_wpnonce'] ) ) { + foreach ( [ 'name', 'description', 'callback', 'type' ] as $key ) { + $data[ $key ] = empty( $_POST[ $key ] ) ? '' : wp_unslash( $_POST[ $key ] ); + } + } else { + $data['name'] = $consumer->get_name(); + $data['description'] = $consumer->get_description( true ); + $data['type'] = $consumer->get_type(); + $data['callback'] = $consumer->get_redirect_uris(); + + if ( is_array( $data['callback'] ) ) { + $data['callback'] = implode( ',', $data['callback'] ); + } + } + + // Header time! + global $title, $parent_file, $submenu_file; + $title = $consumer ? __( 'Edit Application', 'oauth2' ) : __( 'Add Application', 'oauth2' ); + $parent_file = 'users.php'; + $submenu_file = BASE_SLUG; + + include( ABSPATH . 'wp-admin/admin-header.php' ); + ?> + +
+

+ +

' . esc_html( $msg ) . '

'; + } + } + ?> + +
+ + + + + + + + + + + + + + + + + +
+ + + +

+
+ + + +
+ + +
    +
  • + + /> + +

    + +

    +
    • +
  • + + /> + +

    + +

    +
    • +
+
+ + + +

+
+ + get_post_id() ) . '" />'; + wp_nonce_field( 'rest-oauth2-edit-' . $consumer->get_post_id() ); + submit_button( __( 'Save Client', 'oauth2' ) ); + } + + ?> +
+ + +
+

+ + + + + + + + + + +
+ + + get_id() ) ?> +
+ + + get_secret() ) ?> +
+ + get_post_id() ); + submit_button( __( 'Regenerate Secret', 'oauth2' ), 'delete' ); + ?> +
+ + + + ' . __( 'Cheatin’ uh?', 'oauth2' ) . '' . + '

' . __( 'You are not allowed to delete this application.', 'oauth2' ) . '

', + 403 + ); + } + + $client = Client::get_by_post_id( $id ); + if ( is_wp_error( $client ) ) { + wp_die( $client ); + + return; + } + + if ( ! $client->delete() ) { + $message = 'Invalid client ID'; + wp_die( $message ); + + return; + } + + wp_safe_redirect( get_url( 'deleted=1' ) ); + exit; +} + +/** + * Approve the client. + */ +function handle_approve() { + if ( empty( $_GET['id'] ) ) { + return; + } + + $id = absint( $_GET['id'] ); + check_admin_referer( 'rest-oauth2-approve:' . $id ); + + if ( ! current_user_can( 'publish_post', $id ) ) { + wp_die( + '

' . __( 'Cheatin’ uh?', 'oauth2' ) . '

' . + '

' . __( 'You are not allowed to approve this application.', 'oauth2' ) . '

', + 403 + ); + } + + $client = Client::get_by_post_id( $id ); + if ( is_wp_error( $client ) ) { + wp_die( $client ); + } + + $did_approve = $client->approve(); + if ( is_wp_error( $did_approve ) ) { + wp_die( $did_approve ); + } + + wp_safe_redirect( get_url( 'approved=1' ) ); + exit; +} + +/** + * Regenerate the client secret. + */ +function handle_regenerate() { + if ( empty( $_GET['id'] ) ) { + return; + } + + $id = absint( $_GET['id'] ); + check_admin_referer( 'rest-oauth2-regenerate:' . $id ); + + if ( ! current_user_can( 'edit_post', $id ) ) { + wp_die( + '

' . __( 'Cheatin’ uh?', 'oauth2' ) . '

' . + '

' . __( 'You are not allowed to edit this application.', 'oauth2' ) . '

', + 403 + ); + } + + $client = Client::get_by_post_id( $id ); + $result = $client->regenerate_secret(); + if ( is_wp_error( $result ) ) { + wp_die( $result->get_error_message() ); + } + + wp_safe_redirect( get_url( [ 'action' => 'edit', 'id' => $id, 'did_action' => 'regenerate' ] ) ); + exit; +} diff --git a/plugin.php b/plugin.php index 88e43c9..9b94423 100644 --- a/plugin.php +++ b/plugin.php @@ -32,7 +32,7 @@ function bootstrap() { // Admin-related. add_action( 'init', __NAMESPACE__ . '\\rest_oauth2_load_authorize_page' ); - add_action( 'admin_menu', array( __NAMESPACE__ . '\\admin\\Admin', 'register' ) ); + add_action( 'admin_menu', __NAMESPACE__ . '\\Admin\\register' ); Admin\Profile\bootstrap(); } @@ -50,7 +50,7 @@ function load() { require __DIR__ . '/inc/types/class-base.php'; require __DIR__ . '/inc/types/class-authorization-code.php'; require __DIR__ . '/inc/types/class-implicit.php'; - require __DIR__ . '/inc/admin/class-admin.php'; + require __DIR__ . '/inc/admin/namespace.php'; require __DIR__ . '/inc/admin/profile/namespace.php'; }