class.jetpack-admin.php — Jetpack – WP Security, Backup, Speed, & Growth 12.0.2

jetpack / class.jetpack-admin.php

jetpack Last commit date

class.jetpack-admin.php

624 lines

1	<?php // phpcs:ignore WordPress.Files.FileName.InvalidClassFileName
2	/**
3	* Build the Jetpack admin menu as a whole.
4	*
5	* @package automattic/jetpack
6	*/
7
8	use Automattic\Jetpack\Assets\Logo as Jetpack_Logo;
9	use Automattic\Jetpack\Partner_Coupon as Jetpack_Partner_Coupon;
10	use Automattic\Jetpack\Status;
11	use Automattic\Jetpack\Status\Host;
12
13	/**
14	* Build the Jetpack admin menu as a whole.
15	*/
16	class Jetpack_Admin {
17
18	/**
19	* Static instance.
20	*
21	* @var Jetpack_Admin
22	*/
23	private static $instance = null;
24
25	/**
26	* Initialize and fetch the static instance.
27	*
28	* @return self
29	*/
30	public static function init() {
31	// phpcs:ignore WordPress.Security.NonceVerification.Recommended
32	if ( isset( $_GET['page'] ) && 'jetpack' === $_GET['page'] ) {
33	add_filter( 'nocache_headers', array( 'Jetpack_Admin', 'add_no_store_header' ), 100 );
34	}
35
36	if ( self::$instance === null ) {
37	self::$instance = new Jetpack_Admin();
38	}
39	return self::$instance;
40	}
41
42	/**
43	* Filter callback to add `no-store` to the `Cache-Control` header.
44	*
45	* @param array $headers Headers array.
46	* @return array Modified headers array.
47	*/
48	public static function add_no_store_header( $headers ) {
49	$headers['Cache-Control'] .= ', no-store';
50	return $headers;
51	}
52
53	/** Constructor. */
54	private function __construct() {
55	require_once JETPACK__PLUGIN_DIR . '_inc/lib/admin-pages/class.jetpack-react-page.php';
56	$jetpack_react = new Jetpack_React_Page();
57
58	require_once JETPACK__PLUGIN_DIR . '_inc/lib/admin-pages/class.jetpack-settings-page.php';
59	$fallback_page = new Jetpack_Settings_Page();
60
61	require_once JETPACK__PLUGIN_DIR . '_inc/lib/admin-pages/class-jetpack-about-page.php';
62	$jetpack_about = new Jetpack_About_Page();
63
64	add_action( 'admin_init', array( $jetpack_react, 'react_redirects' ), 0 );
65	add_action( 'admin_menu', array( $jetpack_react, 'add_actions' ), 998 );
66	add_action( 'jetpack_admin_menu', array( $jetpack_react, 'jetpack_add_dashboard_sub_nav_item' ) );
67	add_action( 'jetpack_admin_menu', array( $jetpack_react, 'jetpack_add_settings_sub_nav_item' ) );
68	add_action( 'jetpack_admin_menu', array( $this, 'admin_menu_debugger' ) );
69	add_action( 'jetpack_admin_menu', array( $fallback_page, 'add_actions' ) );
70	add_action( 'jetpack_admin_menu', array( $jetpack_about, 'add_actions' ) );
71
72	// Add redirect to current page for activation/deactivation of modules.
73	add_action( 'jetpack_pre_activate_module', array( $this, 'fix_redirect' ), 10, 2 );
74	add_action( 'jetpack_pre_deactivate_module', array( $this, 'fix_redirect' ), 10, 2 );
75
76	// Add module bulk actions handler.
77	add_action( 'jetpack_unrecognized_action', array( $this, 'handle_unrecognized_action' ) );
78
79	if ( class_exists( 'Akismet_Admin' ) ) {
80	// If the site has Jetpack Anti-Spam, change the Akismet menu label accordingly.
81	$site_products = Jetpack_Plan::get_products();
82	$anti_spam_products = array( 'jetpack_anti_spam_monthly', 'jetpack_anti_spam' );
83	if ( ! empty( array_intersect( $anti_spam_products, array_column( $site_products, 'product_slug' ) ) ) ) {
84	// Prevent Akismet from adding a menu item.
85	add_action(
86	'admin_menu',
87	function () {
88	remove_action( 'admin_menu', array( 'Akismet_Admin', 'admin_menu' ), 5 );
89	},
90	4
91	);
92
93	// Add an Anti-spam menu item for Jetpack.
94	add_action(
95	'jetpack_admin_menu',
96	function () {
97	add_submenu_page( 'jetpack', __( 'Anti-Spam', 'jetpack' ), __( 'Anti-Spam', 'jetpack' ), 'manage_options', 'akismet-key-config', array( 'Akismet_Admin', 'display_page' ) );
98	}
99	);
100	add_action( 'admin_enqueue_scripts', array( $this, 'akismet_logo_replacement_styles' ) );
101	}
102	}
103
104	// Ensure an Additional CSS menu item is added to the Appearance menu whenever Jetpack is connected.
105	add_action( 'admin_menu', array( $this, 'additional_css_menu' ) );
106
107	add_filter( 'jetpack_display_jitms_on_screen', array( $this, 'should_display_jitms_on_screen' ), 10, 2 );
108
109	// Register Jetpack partner coupon hooks.
110	Jetpack_Partner_Coupon::register_coupon_admin_hooks( 'jetpack', Jetpack::admin_url() );
111	}
112
113	/**
114	* Generate styles to replace Akismet logo for the Jetpack logo. It's a workaround until we create a proper settings page for
115	* Jetpack Anti-Spam. Without this, we would have to change the logo from Akismet codebase and we want to avoid that.
116	*/
117	public function akismet_logo_replacement_styles() {
118	$logo = new Jetpack_Logo();
119	// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode
120	$logo_base64 = base64_encode( $logo->get_jp_emblem_larger() );
121	$logo_base64_url = "data:image/svg+xml;base64,{$logo_base64}";
122	$style = ".akismet-masthead__logo-container { background: url({$logo_base64_url}) no-repeat .25rem; height: 1.8125rem; } .akismet-masthead__logo { display: none; }";
123	wp_add_inline_style( 'admin-bar', $style );
124	}
125
126	/**
127	* Handle our Additional CSS menu item and legacy page declaration.
128	*
129	* @since 11.0 . Prior to that, this function was located in custom-css-4.7.php (now custom-css.php).
130	*/
131	public static function additional_css_menu() {
132
133	// If the site is a WoA site and the custom-css feature is not available, return.
134	// See https://github.com/Automattic/jetpack/pull/19965 for more on how this menu item is dealt with on WoA sites.
135	if ( ( new Host() )->is_woa_site() && ! ( in_array( 'custom-css', Jetpack::get_available_modules(), true ) ) ) {
136	return;
137	} elseif ( class_exists( 'Jetpack' ) && Jetpack::is_module_active( 'custom-css' ) ) { // If the Custom CSS module is enabled, add the Additional CSS menu item and link to the Customizer.
138	// Add in our legacy page to support old bookmarks and such.
139	add_submenu_page( '', __( 'CSS', 'jetpack' ), __( 'Additional CSS', 'jetpack' ), 'edit_theme_options', 'editcss', array( __CLASS__, 'customizer_redirect' ) );
140
141	// Add in our new page slug that will redirect to the customizer.
142	$hook = add_theme_page( __( 'CSS', 'jetpack' ), __( 'Additional CSS', 'jetpack' ), 'edit_theme_options', 'editcss-customizer-redirect', array( __CLASS__, 'customizer_redirect' ) );
143	add_action( "load-{$hook}", array( __CLASS__, 'customizer_redirect' ) );
144	} elseif ( class_exists( 'Jetpack' ) && Jetpack::is_connection_ready() ) { // Link to the Jetpack Settings > Writing page, highlighting the Custom CSS setting.
145	add_submenu_page( '', __( 'CSS', 'jetpack' ), __( 'Additional CSS', 'jetpack' ), 'edit_theme_options', 'editcss', array( __CLASS__, 'theme_enhancements_redirect' ) );
146
147	$hook = add_theme_page( __( 'CSS', 'jetpack' ), __( 'Additional CSS', 'jetpack' ), 'edit_theme_options', 'editcss-theme-enhancements-redirect', array( __CLASS__, 'theme_enhancements_redirect' ) );
148	add_action( "load-{$hook}", array( __CLASS__, 'theme_enhancements_redirect' ) );
149	}
150	}
151
152	/**
153	* Handle the redirect for the customizer. This is necessary because
154	* we can't directly add customizer links to the admin menu.
155	*
156	* @since 11.0 . Prior to that, this function was located in custom-css-4.7.php (now custom-css.php).
157	*
158	* There is a core patch in trac that would make this unnecessary.
159	*
160	* @link https://core.trac.wordpress.org/ticket/39050
161	*/
162	public static function customizer_redirect() {
163	wp_safe_redirect(
164	self::customizer_link(
165	array(
166	'return_url' => wp_get_referer(),
167	)
168	)
169	);
170	exit;
171	}
172
173	/**
174	* Handle the Additional CSS redirect to the Jetpack settings Theme Enhancements section.
175	*
176	* @since 11.0
177	*/
178	public static function theme_enhancements_redirect() {
179	wp_safe_redirect(
180	'admin.php?page=jetpack#/writing?term=custom-css'
181	);
182	exit;
183	}
184
185	/**
186	* Build the URL to deep link to the Customizer.
187	*
188	* You can modify the return url via $args.
189	*
190	* @since 11.0 in this file. This method is also located in custom-css-4.7.php to cover legacy scenarios.
191	*
192	* @param array $args Array of parameters.
193	* @return string
194	*/
195	public static function customizer_link( $args = array() ) {
196	if ( isset( $_SERVER['REQUEST_URI'] ) ) {
197	$args = wp_parse_args(
198	$args,
199	array(
200	'return_url' => rawurlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
201	)
202	);
203	}
204
205	return add_query_arg(
206	array(
207	array(
208	'autofocus' => array(
209	'section' => 'custom_css',
210	),
211	),
212	'return' => $args['return_url'],
213	),
214	admin_url( 'customize.php' )
215	);
216	}
217
218	/**
219	* Sort callback to put modules with `requires_connection` last.
220	*
221	* @param array $module1 Module data.
222	* @param array $module2 Module data.
223	* @return int Indicating the relative ordering of module1 and module2.
224	*/
225	public static function sort_requires_connection_last( $module1, $module2 ) {
226	if ( (bool) $module1['requires_connection'] === (bool) $module2['requires_connection'] ) {
227	return 0;
228	} elseif ( $module1['requires_connection'] ) {
229	return 1;
230	} elseif ( $module2['requires_connection'] ) {
231	return -1;
232	}
233
234	return 0;
235	}
236
237	/**
238	* Produce JS understandable objects of modules containing information for
239	* presentation like description, name, configuration url, etc.
240	*/
241	public function get_modules() {
242	include_once JETPACK__PLUGIN_DIR . 'modules/module-info.php';
243	$available_modules = Jetpack::get_available_modules();
244	$active_modules = Jetpack::get_active_modules();
245	$modules = array();
246	$jetpack_active = Jetpack::is_connection_ready() \|\| ( new Status() )->is_offline_mode();
247	$overrides = Jetpack_Modules_Overrides::instance();
248	foreach ( $available_modules as $module ) {
249	$module_array = Jetpack::get_module( $module );
250	if ( $module_array ) {
251	/**
252	* Filters each module's short description.
253	*
254	* @since 3.0.0
255	*
256	* @param string $module_array['description'] Module description.
257	* @param string $module Module slug.
258	*/
259	$short_desc = apply_filters( 'jetpack_short_module_description', $module_array['description'], $module );
260	// Fix: correct multibyte strings truncate with checking for mbstring extension.
261	$short_desc_trunc = ( function_exists( 'mb_strlen' ) )
262	? ( ( mb_strlen( $short_desc ) > 143 )
263	? mb_substr( $short_desc, 0, 140 ) . '...'
264	: $short_desc )
265	: ( ( strlen( $short_desc ) > 143 )
266	? substr( $short_desc, 0, 140 ) . '...'
267	: $short_desc );
268
269	$module_array['module'] = $module;
270
271	$is_available = self::is_module_available( $module_array );
272
273	$module_array['activated'] = ( $jetpack_active ? in_array( $module, $active_modules, true ) : false );
274	$module_array['deactivate_nonce'] = wp_create_nonce( 'jetpack_deactivate-' . $module );
275	$module_array['activate_nonce'] = wp_create_nonce( 'jetpack_activate-' . $module );
276	$module_array['available'] = $is_available;
277	$module_array['unavailable_reason'] = $is_available ? false : self::get_module_unavailable_reason( $module_array );
278	$module_array['short_description'] = $short_desc_trunc;
279	$module_array['configure_url'] = Jetpack::module_configuration_url( $module );
280	$module_array['override'] = $overrides->get_module_override( $module );
281
282	ob_start();
283	/**
284	* Allow the display of a "Learn More" button.
285	* The dynamic part of the action, $module, is the module slug.
286	*
287	* @since 3.0.0
288	*/
289	do_action( 'jetpack_learn_more_button_' . $module );
290	$module_array['learn_more_button'] = ob_get_clean();
291
292	ob_start();
293	/**
294	* Allow the display of information text when Jetpack is connected to WordPress.com.
295	* The dynamic part of the action, $module, is the module slug.
296	*
297	* @since 3.0.0
298	*/
299	do_action( 'jetpack_module_more_info_' . $module );
300
301	/**
302	* Filter the long description of a module.
303	*
304	* @since 3.5.0
305	*
306	* @param string ob_get_clean() The module long description.
307	* @param string $module The module name.
308	*/
309	$module_array['long_description'] = apply_filters( 'jetpack_long_module_description', ob_get_clean(), $module );
310
311	ob_start();
312	/**
313	* Filter the search terms for a module
314	*
315	* Search terms are typically added to the module headers, under "Additional Search Queries".
316	*
317	* Use syntax:
318	* function jetpack_$module_search_terms( $terms ) {
319	* $terms = _x( 'term 1, term 2', 'search terms', 'jetpack' );
320	* return $terms;
321	* }
322	* add_filter( 'jetpack_search_terms_$module', 'jetpack_$module_search_terms' );
323	*
324	* @since 3.5.0
325	*
326	* @param string The search terms (comma separated).
327	*/
328	echo apply_filters( 'jetpack_search_terms_' . $module, $module_array['additional_search_queries'] ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
329	$module_array['search_terms'] = ob_get_clean();
330
331	$module_array['configurable'] = false;
332	if (
333	current_user_can( 'manage_options' ) &&
334	/**
335	* Allow the display of a configuration link in the Jetpack Settings screen.
336	*
337	* @since 3.0.0
338	*
339	* @param string $module Module name.
340	* @param bool false Should the Configure module link be displayed? Default to false.
341	*/
342	apply_filters( 'jetpack_module_configurable_' . $module, false )
343	) {
344	$module_array['configurable'] = sprintf( '<a href="%1$s">%2$s</a>', esc_url( $module_array['configure_url'] ), __( 'Configure', 'jetpack' ) );
345	}
346
347	$modules[ $module ] = $module_array;
348	}
349	}
350
351	uasort( $modules, array( 'Jetpack', 'sort_modules' ) );
352
353	if ( ! Jetpack::is_connection_ready() ) {
354	uasort( $modules, array( __CLASS__, 'sort_requires_connection_last' ) );
355	}
356
357	return $modules;
358	}
359
360	/**
361	* Check if a module is available.
362	*
363	* @param array $module Module data.
364	*/
365	public static function is_module_available( $module ) {
366	if ( ! is_array( $module ) \|\| empty( $module ) ) {
367	return false;
368	}
369
370	/**
371	* We never want to show VaultPress as activatable through Jetpack.
372	*/
373	if ( 'vaultpress' === $module['module'] ) {
374	return false;
375	}
376
377	/*
378	* WooCommerce Analytics should only be available
379	* when running WooCommerce 3+
380	*/
381	if (
382	'woocommerce-analytics' === $module['module']
383	&& (
384	! class_exists( 'WooCommerce' )
385	\|\| version_compare( WC_VERSION, '3.0', '<' )
386	)
387	) {
388	return false;
389	}
390
391	/*
392	* In Offline mode, modules that require a site or user
393	* level connection should be unavailable.
394	*/
395	if ( ( new Status() )->is_offline_mode() ) {
396	return ! ( $module['requires_connection'] \|\| $module['requires_user_connection'] );
397	}
398
399	/*
400	* Jetpack not connected.
401	*/
402	if ( ! Jetpack::is_connection_ready() ) {
403	return false;
404	}
405
406	/*
407	* Jetpack connected at a site level only. Make sure to make
408	* modules that require a user connection unavailable.
409	*/
410	if ( ! Jetpack::connection()->has_connected_owner() && $module['requires_user_connection'] ) {
411	return false;
412	}
413
414	return Jetpack_Plan::supports( $module['module'] );
415	}
416
417	/**
418	* Returns why a module is unavailable.
419	*
420	* @param array $module The module.
421	* @return string\|false A string stating why the module is not available or false if the module is available.
422	*/
423	public static function get_module_unavailable_reason( $module ) {
424	if ( ! is_array( $module ) \|\| empty( $module ) ) {
425	return false;
426	}
427
428	if ( self::is_module_available( $module ) ) {
429	return false;
430	}
431
432	/**
433	* We never want to show VaultPress as activatable through Jetpack so return an empty string.
434	*/
435	if ( 'vaultpress' === $module['module'] ) {
436	return '';
437	}
438
439	/*
440	* WooCommerce Analytics should only be available
441	* when running WooCommerce 3+
442	*/
443	if (
444	'woocommerce-analytics' === $module['module']
445	&& (
446	! class_exists( 'WooCommerce' )
447	\|\| version_compare( WC_VERSION, '3.0', '<' )
448	)
449	) {
450	return __( 'Requires WooCommerce 3+ plugin', 'jetpack' );
451	}
452
453	/*
454	* In Offline mode, modules that require a site or user
455	* level connection should be unavailable.
456	*/
457	if ( ( new Status() )->is_offline_mode() ) {
458	if ( $module['requires_connection'] \|\| $module['requires_user_connection'] ) {
459	return __( 'Offline mode', 'jetpack' );
460	}
461	}
462
463	/*
464	* Jetpack not connected.
465	*/
466	if ( ! Jetpack::is_connection_ready() ) {
467	return __( 'Jetpack is not connected', 'jetpack' );
468	}
469
470	/*
471	* Jetpack connected at a site level only and module requires a user connection.
472	*/
473	if ( ! Jetpack::connection()->has_connected_owner() && $module['requires_user_connection'] ) {
474	return __( 'Requires a connected WordPress.com account', 'jetpack' );
475	}
476
477	/*
478	* Plan restrictions.
479	*/
480	if ( ! Jetpack_Plan::supports( $module['module'] ) ) {
481	return __( 'Not supported by current plan', 'jetpack' );
482	}
483
484	return '';
485	}
486
487	/**
488	* Handle an unrecognized action.
489	*
490	* @param string $action Action.
491	*/
492	public function handle_unrecognized_action( $action ) {
493	switch ( $action ) {
494	case 'bulk-activate':
495	check_admin_referer( 'bulk-jetpack_page_jetpack_modules' );
496	if ( ! current_user_can( 'jetpack_activate_modules' ) ) {
497	break;
498	}
499
500	$modules = isset( $_GET['modules'] ) ? array_map( 'sanitize_key', wp_unslash( (array) $_GET['modules'] ) ) : array();
501	foreach ( $modules as $module ) {
502	Jetpack::log( 'activate', $module );
503	Jetpack::activate_module( $module, false );
504	}
505	// The following two lines will rarely happen, as Jetpack::activate_module normally exits at the end.
506	wp_safe_redirect( wp_get_referer() );
507	exit;
508	case 'bulk-deactivate':
509	check_admin_referer( 'bulk-jetpack_page_jetpack_modules' );
510	if ( ! current_user_can( 'jetpack_deactivate_modules' ) ) {
511	break;
512	}
513
514	$modules = isset( $_GET['modules'] ) ? array_map( 'sanitize_key', wp_unslash( (array) $_GET['modules'] ) ) : array();
515	foreach ( $modules as $module ) {
516	Jetpack::log( 'deactivate', $module );
517	Jetpack::deactivate_module( $module );
518	Jetpack::state( 'message', 'module_deactivated' );
519	}
520	Jetpack::state( 'module', $modules );
521	wp_safe_redirect( wp_get_referer() );
522	exit;
523	default:
524	return;
525	}
526	}
527
528	/**
529	* Fix redirect.
530	*
531	* Apparently we redirect to the referrer instead of whatever WordPress
532	* wants to redirect to when activating and deactivating modules.
533	*
534	* @param string $module Module slug.
535	* @param bool $redirect Should we exit after the module has been activated. Default to true.
536	*/
537	public function fix_redirect( $module, $redirect = true ) {
538	if ( ! $redirect ) {
539	return;
540	}
541	if ( wp_get_referer() ) {
542	add_filter( 'wp_redirect', 'wp_get_referer' );
543	}
544	}
545
546	/**
547	* Add debugger admin menu.
548	*/
549	public function admin_menu_debugger() {
550	require_once JETPACK__PLUGIN_DIR . '_inc/lib/debugger.php';
551	Jetpack_Debugger::disconnect_and_redirect();
552	$debugger_hook = add_submenu_page(
553	'',
554	__( 'Debugging Center', 'jetpack' ),
555	'',
556	'manage_options',
557	'jetpack-debugger',
558	array( $this, 'wrap_debugger_page' )
559	);
560	add_action( "admin_head-$debugger_hook", array( 'Jetpack_Debugger', 'jetpack_debug_admin_head' ) );
561	}
562
563	/**
564	* Wrap debugger page.
565	*/
566	public function wrap_debugger_page() {
567	nocache_headers();
568	if ( ! current_user_can( 'manage_options' ) ) {
569	die( '-1' );
570	}
571	Jetpack_Admin_Page::wrap_ui( array( $this, 'debugger_page' ) );
572	}
573
574	/**
575	* Display debugger page.
576	*/
577	public function debugger_page() {
578	require_once JETPACK__PLUGIN_DIR . '_inc/lib/debugger.php';
579	Jetpack_Debugger::jetpack_debug_display_handler();
580	}
581
582	/**
583	* Determines if JITMs should display on a particular screen.
584	*
585	* @param bool $value The default value of the filter.
586	* @param string $screen_id The ID of the screen being tested for JITM display.
587	*
588	* @return bool True if JITMs should display, false otherwise.
589	*/
590	public function should_display_jitms_on_screen( $value, $screen_id ) {
591	// Disable all JITMs on these pages.
592	if (
593	in_array(
594	$screen_id,
595	array(
596	'jetpack_page_akismet-key-config',
597	'admin_page_jetpack_modules',
598	),
599	true
600	) ) {
601	return false;
602	}
603
604	// Disable all JITMs on pages where the recommendations banner is displaying.
605	if (
606	in_array(
607	$screen_id,
608	array(
609	'dashboard',
610	'plugins',
611	'jetpack_page_stats',
612	),
613	true
614	)
615	&& \Jetpack_Recommendations_Banner::can_be_displayed()
616	) {
617	return false;
618	}
619
620	return $value;
621	}
622	}
623	Jetpack_Admin::init();
624