class-wc-rest-payments-files-controller.php
<?php
/**
* Class WC_REST_Payments_Files_Controller
*
* @package WooCommerce\Payments\Admin
*/
defined( 'ABSPATH' ) || exit;
/**
* REST controller for files.
*/
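class WC_REST_Payments_Files_Controller extends WC_Payments_REST_Controller {

	/**
	 * Endpoint path.
	 *
	 * @var string
	 */
	protected $rest_base = 'payments/file';

	/**
	 * Configure REST API routes.
	 *
	 * Two routes are registered under the controller namespace:
	 * - a CREATABLE route for uploads, gated by check_permission();
	 * - a READABLE route for downloads, registered without a route-level gate.
	 */
	public function register_routes() {
		register_rest_route(
			$this->namespace,
			'/' . $this->rest_base,
			[
				'methods'             => WP_REST_Server::CREATABLE,
				'callback'            => [ $this, 'upload_file' ],
				'permission_callback' => [ $this, 'check_permission' ],
			]
		);

		register_rest_route(
			$this->namespace,
			'/' . $this->rest_base . '/(?P<file_id>\w+)',
			[
				'methods'             => WP_REST_Server::READABLE,
				'callback'            => [ $this, 'get_file' ],
				// This route is deliberately reachable without authentication:
				// get_file() itself calls check_permission() for every file whose
				// purpose is not public. '__return_true' states that intent
				// explicitly instead of relying on an empty value being skipped.
				// Any new callback wired to this route must keep that in-handler check.
				'permission_callback' => '__return_true',
			]
		);
	}

	/**
	 * Create file and respond with file object via API.
	 *
	 * Delegates to forward_request() (defined outside this class) with the
	 * 'upload_file' action and the request as its only argument.
	 *
	 * @param WP_REST_Request $request Full data about the request.
	 */
	public function upload_file( $request ) {
		return $this->forward_request( 'upload_file', [ $request ] );
	}

	/**
	 * Retrieve a file content via API.
	 *
	 * Access control happens here rather than at the route level: the file's
	 * purpose is looked up (from a transient, or from the API on a cache miss),
	 * and unless WC_Payments_File_Service::is_file_public() accepts that purpose
	 * the caller must pass check_permission().
	 *
	 * @param WP_REST_Request $request - request object.
	 *
	 * @return WP_Error|WP_HTTP_Response
	 */
	public function get_file( WP_REST_Request $request ) {
		$file_id    = $request->get_param( 'file_id' );
		$as_account = (bool) $request->get_param( 'as_account' );

		// One key for both the read and the write. Previously the purpose was
		// stored under a key without the as_account suffix but read with it, so
		// the cache never hit and every request to this unauthenticated route
		// triggered an upstream lookup. Keeping the suffix also keeps the two
		// lookup contexts from sharing an authorization-relevant cached value.
		$cache_key = WC_Payments_File_Service::CACHE_KEY_PREFIX_PURPOSE . $file_id . '_' . ( $as_account ? '1' : '0' );

		$file_service = new WC_Payments_File_Service();
		$purpose      = get_transient( $cache_key );

		if ( ! $purpose ) {
			$file = $this->forward_request( 'get_file', [ $file_id, $as_account ] );
			if ( is_wp_error( $file ) ) {
				return $this->file_error_response( $file );
			}

			$purpose = $file->get_data()['purpose'];
			set_transient( $cache_key, $purpose, WC_Payments_File_Service::CACHE_PERIOD );
		}

		// The purpose decides whether the permission check can be skipped, so it
		// must be resolved before any file content is requested.
		if ( ! $file_service->is_file_public( $purpose ) && ! $this->check_permission() ) {
			return new WP_Error(
				'rest_forbidden',
				__( 'Sorry, you are not allowed to do that.', 'woocommerce-payments' ),
				[ 'status' => rest_authorization_required_code() ]
			);
		}

		$result = $this->forward_request( 'get_file_contents', [ $file_id, $as_account ] );
		if ( is_wp_error( $result ) ) {
			return $this->file_error_response( $result );
		}

		/**
		 * WP_REST_Server will convert the response data to JSON prior to output it.
		 * Using this filter to prevent it, and output the data from WP_HTTP_Response instead.
		 */
		add_filter(
			'rest_pre_serve_request',
			function ( bool $served, WP_HTTP_Response $response ) : bool {
				echo $response->get_data(); // @codingStandardsIgnoreLine
				return true;
			},
			10,
			2
		);

		return new WP_HTTP_Response(
			base64_decode( $result->get_data()['file_content'] ), // @codingStandardsIgnoreLine
			200,
			[
				// The content type is passed through from the API response unchanged
				// and the body is rendered inline on the site's own origin.
				'Content-Type'           => $result->get_data()['content_type'],
				'Content-Disposition'    => 'inline',
				// Stop browsers from sniffing the body into a more dangerous type
				// than the one declared above.
				'X-Content-Type-Options' => 'nosniff',
			]
		);
	}

	/**
	 * Convert error response
	 *
	 * Rebuilds the error with an HTTP status attached: 'resource_missing'
	 * becomes 404, every other error code becomes 500. The original code and
	 * message are carried over as-is.
	 *
	 * @param WP_Error $error - error.
	 *
	 * @return WP_Error
	 */
	private function file_error_response( WP_Error $error ) : WP_Error {
		$error_status_code = 'resource_missing' === $error->get_error_code() ? WP_Http::NOT_FOUND : WP_Http::INTERNAL_SERVER_ERROR;

		return new WP_Error(
			$error->get_error_code(),
			$error->get_error_message(),
			[ 'status' => $error_status_code ]
		);
	}
}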