PluginProbe ʕ •ᴥ•ʔ
CommerceBird – AI Command Center, ERP Integrations & B2B for WooCommerce (Zoho, Exact Online). / 2.3.9
CommerceBird – AI Command Center, ERP Integrations & B2B for WooCommerce (Zoho, Exact Online). v2.3.9
3.0.3 3.0.2 3.0.1 trunk 2.2.14 2.2.15 2.2.16 2.2.17 2.2.18 2.2.19 2.3.0 2.3.1 2.3.10 2.3.11 2.3.12 2.3.13 2.3.14 2.3.2 2.3.3 2.3.4 2.3.5 2.3.6 2.3.7 2.3.8 2.3.9 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.5.0 2.5.1 2.5.2 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.6.5 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.7.6 2.7.7 2.7.8 2.7.9 2.7.91 2.7.92 2.7.93 2.8.0 2.8.1 2.8.2 2.8.3 2.8.4 2.8.5 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0
commercebird / includes / classes / apis / trait-api-permission.php
commercebird / includes / classes / apis Last commit date
class-api-for-cmbird.php 1 year ago class-api-for-exact-webhooks.php 1 year ago class-api-for-product-webhook.php 1 year ago class-api-for-shipping-status.php 1 year ago class-api-for-woo-order.php 1 year ago class-api-for-zoho-inventory.php 1 year ago class-commercebird-list-items-api-controller.php 1 year ago class-commercebird-media-api-controller.php 1 year ago class-commercebird-metadata-controller.php 1 year ago index.php 1 year ago trait-api-permission.php 1 year ago
trait-api-permission.php
93 lines
1 <?php
2
3 namespace CommerceBird\API;
4
5 use Exception;
6 use CommerceBird\Admin\Actions\Ajax\ZohoInventoryAjax;
7 use WP_Error;
8 use WP_REST_Request;
9 use WP_REST_Response;
10
11 if ( ! defined( 'ABSPATH' ) ) {
12 exit;
13 }
14
15 trait Api {
16
17 private static string $namespace = 'v2';
18
19 private string $empty_response = 'No data found from webhook. check on ' . __METHOD__ . ' of ' . __CLASS__ . ' on line ' . __LINE__;
20
21 public static function endpoint(): string {
22 return get_rest_url() . self::$namespace . '/' . self::$endpoint;
23 }
24
25 public function permission_check() {
26 // Get all headers
27 $headers = getallheaders();
28 // Check if the Authorization header is present
29 if ( isset( $headers['Authorization'] ) ) {
30 $authorization = $headers['Authorization'];
31 if ( ! password_verify( 'commercebird-zi-webhook-token', $authorization ) ) {
32 return new WP_Error(
33 'rest_forbidden',
34 'You are not allowed to access this endpoint',
35 array(
36 'status' => 400,
37 'header' => $authorization,
38 )
39 );
40 }
41 }
42 $subscription = ZohoInventoryAjax::instance()->get_subscription_data();
43 if ( isset( $subscription['plan'] ) ) {
44 $subscription_plan = implode( ' ', $subscription['plan'] );
45 if ( stripos( $subscription_plan, 'Premium' ) === false ) {
46 return new WP_Error(
47 'rest_forbidden',
48 $subscription_plan,
49 array(
50 'status' => 403,
51 'data' => strpos( 'Premium', $subscription_plan ),
52 )
53 );
54 }
55 return true;
56 }
57 }
58 public function handle( WP_REST_Request $request ) {
59 $response = new WP_REST_Response();
60 $response->set_data( $this->empty_response );
61 $response->set_status( 404 );
62 $data = $request->get_json_params();
63 if ( empty( $data ) ) {
64 return rest_ensure_response( $response );
65 }
66 if ( array_key_exists( 'JSONString', $data ) ) {
67 $data = str_replace( '\\', '', $data['JSONString'] );
68 }
69 // Create a unique key based on the payload
70 $payload_hash = wp_hash( wp_json_encode( $data ) );
71 $lock_key = 'cmbird_processing_payload_' . $payload_hash;
72 // Check and set lock using update_option
73 $lock_acquired = add_option( $lock_key, time() );
74 if ( ! $lock_acquired ) {
75 $response->set_data( 'Duplicate payload ignored. Already being processed.' );
76 $response->set_status( 200 );
77 return rest_ensure_response( $response );
78 }
79 // Process the payload
80 if ( ! empty( $data ) ) {
81 try {
82 $response = $this->process( $data );
83 } catch (Exception $exception) {
84 $response->set_data( $exception->getMessage() );
85 $response->set_status( 500 );
86 }
87 }
88 // Clean up the lock after processing
89 delete_option( $lock_key );
90 return rest_ensure_response( $response );
91 }
92 }
93