Ajax.php
3.49 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
<?php
/**
* @license GPL-2.0-or-later
*
* Modified by code-atlantic on 21-June-2024 using {@see https://github.com/BrianHenryIE/strauss}.
*/
namespace ContentControl\Vendor\TrustedLogin;
// Exit if accessed directly
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
use \Exception;
use \WP_Error;
use \WP_User;
use \WP_Admin_Bar;
final class Ajax {
/**
* @var \ContentControl\Vendor\TrustedLogin\Config
*/
private $config;
/**
* @var null|\ContentControl\Vendor\TrustedLogin\Logging $logging
*/
private $logging;
/**
* @var string[] Fields that may be included in the support data.
* @see grantAccess() in trustedlogin.js
*/
private $generate_support_fields = array(
'action',
'vendor',
'_nonce',
'reference_id',
'debug_data_consent',
'ticket',
);
/**
* Cron constructor.
*
* @param Config $config
* @param Logging|null $logging
*/
public function __construct( Config $config, Logging $logging ) {
$this->config = $config;
$this->logging = $logging;
}
/**
*
*/
public function init() {
add_action( 'wp_ajax_tl_' . $this->config->ns() . '_gen_support', array( $this, 'ajax_generate_support' ) );
}
/**
* AJAX handler for maybe generating a Support User
*
* @since 1.0.0
*
* @return void Sends a JSON success or error message based on what happens
*/
public function ajax_generate_support() {
// Remove any fields that are not in the $ajax_fields array.
$posted_data = array_intersect_key( $_POST, array_flip( $this->generate_support_fields ) );
if ( empty( $posted_data['vendor'] ) ) {
$this->logging->log( 'Vendor not defined in TrustedLogin configuration.', __METHOD__, 'critical' );
wp_send_json_error( array( 'message' => 'Vendor not defined in TrustedLogin configuration.' ) );
}
// There are multiple TrustedLogin instances, and this is not the one being called.
// This should not occur, since the AJAX action is namespaced.
if ( $this->config->ns() !== $posted_data['vendor'] ) {
$this->logging->log( 'Vendor does not match TrustedLogin configuration.', __METHOD__, 'critical' );
wp_send_json_error( array( 'message' => 'Vendor does not match.' ) );
return;
}
if ( empty( $posted_data['_nonce'] ) ) {
wp_send_json_error( array( 'message' => 'Nonce not sent in the request.' ) );
}
if ( ! check_ajax_referer( 'tl_nonce-' . get_current_user_id(), '_nonce', false ) ) {
wp_send_json_error( array( 'message' => esc_html__( 'Verification issue: Request could not be verified. Please reload the page.', 'trustedlogin' ) ) );
}
if ( ! current_user_can( 'create_users' ) ) {
$this->logging->log( 'Current user does not have `create_users` capability when trying to grant access.', __METHOD__, 'error' );
wp_send_json_error( array( 'message' => esc_html__( 'You do not have the ability to create users.', 'trustedlogin' ) ) );
}
$client = new Client( $this->config, false );
// Passed from grantAccess() in trustedlogin.js.
$include_debug_data = ! empty( $posted_data['debug_data_consent'] );
// Passed from grantAccess() in trustedlogin.js.
$ticket_data = ! empty( $posted_data['ticket'] ) ? $posted_data['ticket'] : null;
$response = $client->grant_access( $include_debug_data, $ticket_data );
if ( is_wp_error( $response ) ) {
$error_data = $response->get_error_data();
$status_code = isset( $error_data['status_code'] ) ? $error_data['status_code'] : 500;
wp_send_json_error( array( 'message' => $response->get_error_message() ), $status_code );
}
wp_send_json_success( $response, 201 );
}
}